Move crypto files out of base, to a top level directory.

src/crypto is now an independent project that contains our
cryptographic primitives (except md5 and sha1).

This removes the base dependency from nss, openssl and sqlite.

BUG=76996
TEST=none
Review URL: http://codereview.chromium.org/6805019

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@81611 0039d316-1c4b-4281-b951-d872f2087c98

base/base.gyp

@@ -112,13 +112,6 @@
         'callback_unittest.cc',
         'command_line_unittest.cc',
         'cpu_unittest.cc',
-        'crypto/encryptor_unittest.cc',
-        'crypto/rsa_private_key_unittest.cc',
-        'crypto/rsa_private_key_nss_unittest.cc',
-        'crypto/secure_hash_unittest.cc',
-        'crypto/signature_creator_unittest.cc',
-        'crypto/signature_verifier_unittest.cc',
-        'crypto/symmetric_key_unittest.cc',
         'debug/leak_tracker_unittest.cc',
         'debug/stack_trace_unittest.cc',
         'debug/trace_event_win_unittest.cc',
@@ -129,7 +122,6 @@
         'file_util_unittest.cc',
         'file_version_info_unittest.cc',
         'gmock_unittest.cc',
-        'hmac_unittest.cc',
         'id_map_unittest.cc',
         'i18n/break_iterator_unittest.cc',
         'i18n/char_iterator_unittest.cc',
@@ -167,7 +159,6 @@
         'process_util_unittest_mac.mm',
         'rand_util_unittest.cc',
         'sha1_unittest.cc',
-        'sha2_unittest.cc',
         'shared_memory_unittest.cc',
         'stack_container_unittest.cc',
         'string16_unittest.cc',
@@ -256,7 +247,6 @@
         }, {  # OS != "linux" and OS != "freebsd" and OS != "openbsd" and OS != "solaris"
           'sources!': [
             'message_pump_glib_unittest.cc',
-            'crypto/rsa_private_key_nss_unittest.cc',
           ]
         }],
         # This is needed to trigger the dll copy step on windows.
@@ -281,11 +271,6 @@
             'win_util_unittest.cc',
           ],
         }],
-        [ 'use_openssl==1', {
-          'sources!': [
-            'crypto/rsa_private_key_nss_unittest.cc',
-          ],
-        }],
       ],
     },
     {

base/base.gypi

@@ -456,22 +456,6 @@
                 },
               },
             ],
-            [ 'use_openssl==1', {
-                'dependencies': [
-                  '../third_party/openssl/openssl.gyp:openssl',
-                ],
-              }, {  # use_openssl==0
-                'sources': [
-                  'base/crypto/scoped_nss_types.h',
-                ],
-                'dependencies': [
-                  '../build/linux/system.gyp:nss',
-                ],
-                'export_dependent_settings': [
-                  '../build/linux/system.gyp:nss',
-                ],
-              }
-            ],
           ],
           'dependencies': [
             'symbolize',
@@ -525,27 +509,13 @@
               '$(SDKROOT)/System/Library/Frameworks/Security.framework',
             ],
           },
-        }, {  # OS != "mac"
-          'sources!': [
-            'crypto/cssm_init.cc',
-            'crypto/cssm_init.h',
-            'crypto/mac_security_services_lock.cc',
-            'crypto/mac_security_services_lock.h',
-          ],
         }],
-        [ 'OS == "mac" or OS == "win"', {
-            'dependencies': [
-              '../third_party/nss/nss.gyp:nss',
-            ],
-        },],
         [ 'OS != "win"', {
             'dependencies': ['../third_party/libevent/libevent.gyp:libevent'],
             'sources!': [
               'third_party/purify/pure_api.c',
               'base_drag_source.cc',
               'base_drop_target.cc',
-              'crypto/capi_util.h',
-              'crypto/capi_util.cc',
               'event_recorder.cc',
               'file_version_info.cc',
               'registry.cc',
@@ -553,82 +523,11 @@
               'win_util.cc',
             ],
         },],
-        [ 'use_openssl==1', {
-            # TODO(joth): Use a glob to match exclude patterns once the
-            #             OpenSSL file set is complete.
-            'sources!': [
-              'crypto/encryptor_nss.cc',
-              'crypto/rsa_private_key_nss.cc',
-              'crypto/secure_hash_default.cc',
-              'crypto/signature_creator_nss.cc',
-              'crypto/signature_verifier_nss.cc',
-              'crypto/symmetric_key_nss.cc',
-              'hmac_nss.cc',
-              'nss_util.cc',
-              'nss_util.h',
-              'third_party/nss/blapi.h',
-              'third_party/nss/blapit.h',
-              'third_party/nss/sha256.h',
-              'third_party/nss/sha512.cc',
-            ],
-          }, {
-            'sources!': [
-              'crypto/encryptor_openssl.cc',
-              'crypto/rsa_private_key_openssl.cc',
-              'crypto/secure_hash_openssl.cc',
-              'crypto/signature_creator_openssl.cc',
-              'crypto/signature_verifier_openssl.cc',
-              'crypto/symmetric_key_openssl.cc',
-              'hmac_openssl.cc',
-              'openssl_util.cc',
-              'openssl_util.h',
-            ],
-        },],
       ],
       'sources': [
-        'crypto/capi_util.cc',
-        'crypto/capi_util.h',
-        'crypto/crypto_module_blocking_password_delegate.h',
-        'crypto/cssm_init.cc',
-        'crypto/cssm_init.h',
-        'crypto/encryptor.h',
-        'crypto/encryptor_mac.cc',
-        'crypto/encryptor_nss.cc',
-        'crypto/encryptor_openssl.cc',
-        'crypto/encryptor_win.cc',
-        'crypto/mac_security_services_lock.cc',
-        'crypto/mac_security_services_lock.h',
-        'crypto/rsa_private_key.h',
-        'crypto/rsa_private_key.cc',
-        'crypto/rsa_private_key_mac.cc',
-        'crypto/rsa_private_key_nss.cc',
-        'crypto/rsa_private_key_openssl.cc',
-        'crypto/rsa_private_key_win.cc',
-        'crypto/secure_hash.h',
-        'crypto/secure_hash_default.cc',
-        'crypto/secure_hash_openssl.cc',
-        'crypto/signature_creator.h',
-        'crypto/signature_creator_mac.cc',
-        'crypto/signature_creator_nss.cc',
-        'crypto/signature_creator_openssl.cc',
-        'crypto/signature_creator_win.cc',
-        'crypto/signature_verifier.h',
-        'crypto/signature_verifier_mac.cc',
-        'crypto/signature_verifier_nss.cc',
-        'crypto/signature_verifier_openssl.cc',
-        'crypto/signature_verifier_win.cc',
-        'crypto/symmetric_key.h',
-        'crypto/symmetric_key_mac.cc',
-        'crypto/symmetric_key_nss.cc',
-        'crypto/symmetric_key_openssl.cc',
-        'crypto/symmetric_key_win.cc',
         'third_party/nspr/prcpucfg.h',
         'third_party/nspr/prcpucfg_win.h',
         'third_party/nspr/prtypes.h',
-        'third_party/nss/blapi.h',
-        'third_party/nss/blapit.h',
-        'third_party/nss/sha256.h',
-        'third_party/nss/sha512.cc',
         'third_party/purify/pure.h',
         'third_party/purify/pure_api.c',
         'third_party/xdg_user_dirs/xdg_user_dir_lookup.cc',
@@ -641,11 +540,6 @@
         'event_recorder_stubs.cc',
         'file_descriptor_shuffle.cc',
         'file_descriptor_shuffle.h',
-        'hmac.h',
-        'hmac_mac.cc',
-        'hmac_nss.cc',
-        'hmac_openssl.cc',
-        'hmac_win.cc',
         'linux_util.cc',
         'linux_util.h',
         'md5.cc',
@@ -661,12 +555,6 @@
         'message_pump_mac.mm',
         'metrics/field_trial.cc',
         'metrics/field_trial.h',
-        'nss_util.cc',
-        'nss_util.h',
-        'openssl_util.cc',
-        'openssl_util.h',
-        'sha2.cc',
-        'sha2.h',
         'string16.cc',
         'string16.h',
         'sync_socket.h',

base/sha1_win.cc

@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -7,7 +7,9 @@
 #include <windows.h>
 #include <wincrypt.h>
 
-#include "base/crypto/scoped_capi_types.h"
+// This file is not being compiled at the moment (see bug 47218). If we keep
+// sha1 inside base, we cannot depend on src/crypto.
+// #include "crypto/scoped_capi_types.h"
 #include "base/logging.h"
 
 namespace base {

base/test/test_suite.cc

@@ -15,7 +15,6 @@
 #include "base/logging.h"
 #include "base/mac/scoped_nsautorelease_pool.h"
 #include "base/memory/scoped_ptr.h"
-#include "base/nss_util.h"
 #include "base/path_service.h"
 #include "base/process_util.h"
 #include "base/test/multiprocess_test.h"
@@ -214,14 +213,6 @@ void TestSuite::Initialize() {
 
   icu_util::Initialize();
 
-#if defined(USE_NSS)
-  // Trying to repeatedly initialize and cleanup NSS and NSPR may result in
-  // a deadlock. Such repeated initialization will happen when using test
-  // isolation. Prevent problems by initializing NSS here, so that the cleanup
-  // will be done only on process exit.
-  base::EnsureNSSInit();
-#endif  // defined(USE_NSS)
-
   CatchMaybeTests();
 
   TestTimeouts::Initialize();

chrome/DEPS

@@ -1,6 +1,7 @@
 include_rules = [
   "+app",
   "+content",
+  "+crypto",
   "+gpu",
   "+net",
   "+printing",

chrome/app/chrome_main.cc

@@ -13,13 +13,13 @@
 #include "base/message_loop.h"
 #include "base/metrics/stats_counters.h"
 #include "base/metrics/stats_table.h"
-#include "base/nss_util.h"
 #include "base/path_service.h"
 #include "base/process_util.h"
 #include "base/string_number_conversions.h"
 #include "base/string_util.h"
 #include "base/utf_string_conversions.h"
 #include "build/build_config.h"
+#include "crypto/nss_util.h"
 #include "chrome/browser/defaults.h"
 #include "chrome/browser/diagnostics/diagnostics_main.h"
 #include "chrome/browser/platform_util.h"
@@ -589,7 +589,7 @@ int ChromeMain(int argc, char** argv) {
   SetupCRT(command_line);
 
 #if defined(USE_NSS)
-  base::EarlySetupForNSSInit();
+  crypto::EarlySetupForNSSInit();
 #endif
 
   // Initialize the Chrome path provider.

chrome/browser/browser_main_gtk.cc

@@ -27,7 +27,7 @@
 #include "ui/gfx/gtk_util.h"
 
 #if defined(USE_NSS)
-#include "base/nss_util.h"
+#include "crypto/nss_util.h"
 #endif
 
 #if defined(USE_LINUX_BREAKPAD)
@@ -69,7 +69,7 @@ void BrowserMainPartsGtk::PreEarlyInitialization() {
 
 #if defined(USE_NSS)
   // We want to be sure to init NSPR on the main thread.
-  base::EnsureNSPRInit();
+  crypto::EnsureNSPRInit();
 #endif
 }
 

chrome/browser/browser_main_mac.mm

@@ -11,8 +11,8 @@
 #include "base/file_path.h"
 #include "base/mac/mac_util.h"
 #include "base/memory/scoped_nsobject.h"
-#include "base/nss_util.h"
 #include "base/path_service.h"
+#include "crypto/nss_util.h"
 #include "chrome/app/breakpad_mac.h"
 #import "chrome/browser/app_controller_mac.h"
 #include "chrome/browser/browser_main_win.h"
@@ -137,7 +137,7 @@ class BrowserMainPartsMac : public BrowserMainPartsPosix {
       net::ClientSocketFactory::UseSystemSSL();
     } else {
       // We want to be sure to init NSPR on the main thread.
-      base::EnsureNSPRInit();
+      crypto::EnsureNSPRInit();
     }
   }
 };

chrome/browser/browser_main_win.cc

@@ -15,11 +15,11 @@
 #include "base/i18n/rtl.h"
 #include "base/memory/scoped_native_library.h"
 #include "base/memory/scoped_ptr.h"
-#include "base/nss_util.h"
 #include "base/path_service.h"
 #include "base/utf_string_conversions.h"
 #include "base/win/windows_version.h"
 #include "base/win/wrapped_window_proc.h"
+#include "crypto/nss_util.h"
 #include "chrome/browser/first_run/first_run.h"
 #include "chrome/browser/first_run/upgrade_util.h"
 #include "chrome/browser/metrics/metrics_service.h"
@@ -295,7 +295,7 @@ class BrowserMainPartsWin : public BrowserMainParts {
       net::ClientSocketFactory::UseSystemSSL();
     } else {
       // We want to be sure to init NSPR on the main thread.
-      base::EnsureNSPRInit();
+      crypto::EnsureNSPRInit();
     }
   }
 };

chrome/browser/chromeos/login/google_authenticator.cc

@@ -11,11 +11,10 @@
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/path_service.h"
-#include "base/sha2.h"
 #include "base/string_util.h"
 #include "base/synchronization/lock.h"
-#include "base/third_party/nss/blapi.h"
+#include "crypto/third_party/nss/blapi.h"
-#include "base/third_party/nss/sha256.h"
+#include "crypto/third_party/nss/sha256.h"
 #include "chrome/browser/chromeos/boot_times_loader.h"
 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
 #include "chrome/browser/chromeos/login/auth_response_handler.h"

chrome/browser/chromeos/login/mock_owner_key_utils.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -9,16 +9,14 @@
 #include <vector>
 
 #include "base/basictypes.h"
-#include "base/crypto/rsa_private_key.h"
 #include "base/file_path.h"
+#include "crypto/rsa_private_key.h"
 #include "chrome/browser/chromeos/cros/login_library.h"
 #include "chrome/browser/chromeos/login/owner_key_utils.h"
 #include "content/browser/browser_thread.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
-using ::base::RSAPrivateKey;
-
 namespace chromeos {
 
 class MockKeyUtils : public OwnerKeyUtils {
@@ -31,10 +29,11 @@ class MockKeyUtils : public OwnerKeyUtils {
                             const std::vector<uint8> public_key));
   MOCK_METHOD3(Sign, bool(const std::string& data,
                           std::vector<uint8>* OUT_signature,
-                          base::RSAPrivateKey* key));
+                          crypto::RSAPrivateKey* key));
-  MOCK_METHOD1(FindPrivateKey, RSAPrivateKey*(const std::vector<uint8>& key));
+  MOCK_METHOD1(FindPrivateKey,
+               crypto::RSAPrivateKey*(const std::vector<uint8>& key));
   MOCK_METHOD0(GetOwnerKeyFilePath, FilePath());
-  MOCK_METHOD2(ExportPublicKeyToFile, bool(base::RSAPrivateKey* pair,
+  MOCK_METHOD2(ExportPublicKeyToFile, bool(crypto::RSAPrivateKey* pair,
                                            const FilePath& key_file));
  protected:
   virtual ~MockKeyUtils() {}

chrome/browser/chromeos/login/owner_key_utils.cc

@@ -6,19 +6,18 @@
 
 #include <limits>
 
-#include "base/crypto/rsa_private_key.h"
-#include "base/crypto/signature_creator.h"
-#include "base/crypto/signature_verifier.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/string_util.h"
+#include "crypto/rsa_private_key.h"
+#include "crypto/signature_creator.h"
+#include "crypto/signature_verifier.h"
 #include "chrome/browser/chromeos/cros/cros_library.h"
 #include "chrome/browser/chromeos/cros/login_library.h"
 #include "chrome/common/extensions/extension_constants.h"
 
-using base::RSAPrivateKey;
 using extension_misc::kSignatureAlgorithm;
 
 namespace chromeos {
@@ -49,16 +48,17 @@ class OwnerKeyUtilsImpl : public OwnerKeyUtils {
 
   bool Sign(const std::string& data,
             std::vector<uint8>* OUT_signature,
-            base::RSAPrivateKey* key);
+            crypto::RSAPrivateKey* key);
 
-  RSAPrivateKey* FindPrivateKey(const std::vector<uint8>& key);
+  crypto::RSAPrivateKey* FindPrivateKey(const std::vector<uint8>& key);
 
   FilePath GetOwnerKeyFilePath();
 
  protected:
   virtual ~OwnerKeyUtilsImpl();
 
-  bool ExportPublicKeyToFile(RSAPrivateKey* pair, const FilePath& key_file);
+  bool ExportPublicKeyToFile(crypto::RSAPrivateKey* pair,
+                             const FilePath& key_file);
 
  private:
   // The file outside the owner's encrypted home directory where her
@@ -83,7 +83,7 @@ OwnerKeyUtilsImpl::OwnerKeyUtilsImpl() {}
 
 OwnerKeyUtilsImpl::~OwnerKeyUtilsImpl() {}
 
-bool OwnerKeyUtilsImpl::ExportPublicKeyToFile(RSAPrivateKey* pair,
+bool OwnerKeyUtilsImpl::ExportPublicKeyToFile(crypto::RSAPrivateKey* pair,
                                               const FilePath& key_file) {
   DCHECK(pair);
   bool ok = false;
@@ -134,7 +134,7 @@ bool OwnerKeyUtilsImpl::ImportPublicKey(const FilePath& key_file,
 bool OwnerKeyUtilsImpl::Verify(const std::string& data,
                                const std::vector<uint8> signature,
                                const std::vector<uint8> public_key) {
-  base::SignatureVerifier verifier;
+  crypto::SignatureVerifier verifier;
   if (!verifier.VerifyInit(kSignatureAlgorithm, sizeof(kSignatureAlgorithm),
                            &signature[0], signature.size(),
                            &public_key[0], public_key.size())) {
@@ -148,9 +148,9 @@ bool OwnerKeyUtilsImpl::Verify(const std::string& data,
 
 bool OwnerKeyUtilsImpl::Sign(const std::string& data,
                              std::vector<uint8>* OUT_signature,
-                             base::RSAPrivateKey* key) {
+                             crypto::RSAPrivateKey* key) {
-  scoped_ptr<base::SignatureCreator> signer(
+  scoped_ptr<crypto::SignatureCreator> signer(
-      base::SignatureCreator::Create(key));
+      crypto::SignatureCreator::Create(key));
   if (!signer->Update(reinterpret_cast<const uint8*>(data.c_str()),
                       data.length())) {
     return false;
@@ -158,9 +158,9 @@ bool OwnerKeyUtilsImpl::Sign(const std::string& data,
   return signer->Final(OUT_signature);
 }
 
-RSAPrivateKey* OwnerKeyUtilsImpl::FindPrivateKey(
+crypto::RSAPrivateKey* OwnerKeyUtilsImpl::FindPrivateKey(
     const std::vector<uint8>& key) {
-  return RSAPrivateKey::FindFromPublicKeyInfo(key);
+  return crypto::RSAPrivateKey::FindFromPublicKeyInfo(key);
 }
 
 FilePath OwnerKeyUtilsImpl::GetOwnerKeyFilePath() {

chrome/browser/chromeos/login/owner_key_utils.h

@@ -15,7 +15,7 @@
 
 class FilePath;
 
-namespace base {
+namespace crypto {
 class RSAPrivateKey;
 }
 
@@ -60,12 +60,12 @@ class OwnerKeyUtils : public base::RefCounted<OwnerKeyUtils> {
   // and populate |OUT_signature|.
   virtual bool Sign(const std::string& data,
                     std::vector<uint8>* OUT_signature,
-                    base::RSAPrivateKey* key) = 0;
+                    crypto::RSAPrivateKey* key) = 0;
 
   // Looks for the private key associated with |key| in the default slot,
   // and returns it if it can be found.  Returns NULL otherwise.
   // Caller takes ownership.
-  virtual base::RSAPrivateKey* FindPrivateKey(
+  virtual crypto::RSAPrivateKey* FindPrivateKey(
       const std::vector<uint8>& key) = 0;
 
   virtual FilePath GetOwnerKeyFilePath() = 0;
@@ -76,7 +76,7 @@ class OwnerKeyUtils : public base::RefCounted<OwnerKeyUtils> {
   // DER encodes public half of |pair| and writes it out to |key_file|.
   // The blob on disk is a DER-encoded X509 SubjectPublicKeyInfo object.
   // Returns false on error.
-  virtual bool ExportPublicKeyToFile(base::RSAPrivateKey* pair,
+  virtual bool ExportPublicKeyToFile(crypto::RSAPrivateKey* pair,
                                      const FilePath& key_file) = 0;
 
  private:

chrome/browser/chromeos/login/owner_key_utils_unittest.cc

@@ -7,13 +7,13 @@
 #include <string>
 #include <vector>
 
-#include "base/crypto/rsa_private_key.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_temp_dir.h"
-#include "base/nss_util.h"
+#include "crypto/nss_util.h"
-#include "base/nss_util_internal.h"
+#include "crypto/nss_util_internal.h"
+#include "crypto/rsa_private_key.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
@@ -25,7 +25,7 @@ class OwnerKeyUtilsTest : public ::testing::Test {
   virtual ~OwnerKeyUtilsTest() {}
 
   virtual void SetUp() {
-    base::OpenPersistentNSSDB();
+    crypto::OpenPersistentNSSDB();
   }
 
   // Key generation parameters.
@@ -39,9 +39,9 @@ class OwnerKeyUtilsTest : public ::testing::Test {
 const uint16 OwnerKeyUtilsTest::kKeySizeInBits = 2048;
 
 TEST_F(OwnerKeyUtilsTest, ExportImportPublicKey) {
-  scoped_ptr<base::RSAPrivateKey> pair(
+  scoped_ptr<crypto::RSAPrivateKey> pair(
-      base::RSAPrivateKey::CreateSensitive(kKeySizeInBits));
+      crypto::RSAPrivateKey::CreateSensitive(kKeySizeInBits));
-  ASSERT_NE(pair.get(), reinterpret_cast<base::RSAPrivateKey*>(NULL));
+  ASSERT_NE(pair.get(), reinterpret_cast<crypto::RSAPrivateKey*>(NULL));
 
   // Export public key to file.
   ScopedTempDir tmpdir;

chrome/browser/chromeos/login/owner_manager.h

@@ -9,8 +9,8 @@
 #include <vector>
 
 #include "base/basictypes.h"
-#include "base/crypto/rsa_private_key.h"
 #include "base/memory/ref_counted.h"
+#include "crypto/rsa_private_key.h"
 #include "chrome/browser/chromeos/login/owner_key_utils.h"
 #include "content/browser/browser_thread.h"
 
@@ -89,7 +89,7 @@ class OwnerManager : public base::RefCountedThreadSafe<OwnerManager> {
     d->OnKeyOpComplete(return_code, payload);
   }
 
-  scoped_ptr<base::RSAPrivateKey> private_key_;
+  scoped_ptr<crypto::RSAPrivateKey> private_key_;
   std::vector<uint8> public_key_;
 
   scoped_refptr<OwnerKeyUtils> utils_;

chrome/browser/chromeos/login/owner_manager_unittest.cc

@@ -7,18 +7,18 @@
 
 #include <string>
 
-#include "base/crypto/rsa_private_key.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/memory/scoped_temp_dir.h"
-#include "base/nss_util.h"
+#include "crypto/nss_util.h"
+#include "crypto/rsa_private_key.h"
 #include "chrome/browser/chromeos/login/mock_owner_key_utils.h"
 #include "content/browser/browser_thread.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
-using ::base::RSAPrivateKey;
+using ::crypto::RSAPrivateKey;
 using ::testing::DoAll;
 using ::testing::Eq;
 using ::testing::Invoke;
@@ -40,7 +40,7 @@ class OwnerManagerTest : public ::testing::Test {
   virtual ~OwnerManagerTest() {}
 
   virtual void SetUp() {
-    base::OpenPersistentNSSDB();  // TODO(cmasone): use test DB instead
+    crypto::OpenPersistentNSSDB();  // TODO(cmasone): use test DB instead
     fake_private_key_.reset(RSAPrivateKey::Create(256));
     ASSERT_TRUE(fake_private_key_->ExportPublicKey(&fake_public_key_));
 

chrome/browser/chromeos/login/ownership_service_unittest.cc

@@ -6,20 +6,20 @@
 
 #include <string>
 
-#include "base/crypto/rsa_private_key.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/memory/scoped_temp_dir.h"
-#include "base/nss_util.h"
+#include "crypto/nss_util.h"
+#include "crypto/rsa_private_key.h"
 #include "chrome/browser/chromeos/login/mock_owner_key_utils.h"
 #include "chrome/browser/chromeos/login/owner_manager_unittest.h"
 #include "content/browser/browser_thread.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
-using ::base::RSAPrivateKey;
+using ::crypto::RSAPrivateKey;
 using ::testing::DoAll;
 using ::testing::Eq;
 using ::testing::Invoke;
@@ -42,7 +42,7 @@ class OwnershipServiceTest : public ::testing::Test {
   virtual ~OwnershipServiceTest() {}
 
   virtual void SetUp() {
-    base::OpenPersistentNSSDB();  // TODO(cmasone): use test DB instead
+    crypto::OpenPersistentNSSDB();  // TODO(cmasone): use test DB instead
     fake_private_key_.reset(RSAPrivateKey::Create(256));
     ASSERT_TRUE(fake_private_key_->ExportPublicKey(&fake_public_key_));
 

chrome/browser/chromeos/login/parallel_authenticator.cc

@@ -11,11 +11,10 @@
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/path_service.h"
-#include "base/sha2.h"
 #include "base/string_util.h"
 #include "base/synchronization/lock.h"
-#include "base/third_party/nss/blapi.h"
+#include "crypto/third_party/nss/blapi.h"
-#include "base/third_party/nss/sha256.h"
+#include "crypto/third_party/nss/sha256.h"
 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
 #include "chrome/browser/chromeos/login/auth_response_handler.h"
 #include "chrome/browser/chromeos/login/authentication_notification_details.h"

chrome/browser/chromeos/login/signed_settings_unittest.cc

@@ -7,7 +7,6 @@
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/memory/scoped_temp_dir.h"
-#include "base/nss_util.h"
 #include "base/stringprintf.h"
 #include "chrome/browser/chromeos/cros/cros_library.h"
 #include "chrome/browser/chromeos/cros/mock_library_loader.h"
@@ -18,6 +17,7 @@
 #include "chrome/browser/policy/proto/device_management_backend.pb.h"
 #include "chrome/test/thread_test_helper.h"
 #include "content/browser/browser_thread.h"
+#include "crypto/rsa_private_key.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
@@ -259,7 +259,7 @@ class SignedSettingsTest : public ::testing::Test {
   BrowserThread file_thread_;
 
   std::vector<uint8> fake_public_key_;
-  scoped_ptr<RSAPrivateKey> fake_private_key_;
+  scoped_ptr<crypto::RSAPrivateKey> fake_private_key_;
 
   MockKeyUtils* mock_;
   MockInjector injector_;

chrome/browser/chromeos/login/user_manager.cc

@@ -10,13 +10,13 @@
 #include "base/file_util.h"
 #include "base/lazy_instance.h"
 #include "base/logging.h"
-#include "base/nss_util.h"
 #include "base/path_service.h"
 #include "base/string_util.h"
 #include "base/stringprintf.h"
 #include "base/time.h"
 #include "base/utf_string_conversions.h"
 #include "base/values.h"
+#include "crypto/nss_util.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chromeos/cros/cros_library.h"
 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
@@ -567,14 +567,14 @@ void UserManager::NotifyOnLogin() {
   // Let the window manager know that we're logged in now.
   WmIpc::instance()->SetLoggedInProperty(true);
   // Ensure we've opened the real user's key/certificate database.
-  base::OpenPersistentNSSDB();
+  crypto::OpenPersistentNSSDB();
 
   // Only load the Opencryptoki library into NSS if we have this switch.
   // TODO(gspencer): Remove this switch once cryptohomed work is finished:
   // http://crosbug.com/12295 and http://crosbug.com/12304
   if (CommandLine::ForCurrentProcess()->HasSwitch(
           switches::kLoadOpencryptoki)) {
-    base::EnableTPMForNSS();
+    crypto::EnableTPMForNSS();
   }
 
   // Schedules current user ownership check on file thread.

chrome/browser/download/base_file.cc

@@ -4,11 +4,11 @@
 
 #include "chrome/browser/download/base_file.h"
 
-#include "base/crypto/secure_hash.h"
 #include "base/file_util.h"
 #include "base/format_macros.h"
 #include "base/logging.h"
 #include "base/stringprintf.h"
+#include "crypto/secure_hash.h"
 #include "net/base/file_stream.h"
 #include "net/base/net_errors.h"
 #include "chrome/browser/download/download_util.h"
@@ -52,7 +52,7 @@ bool BaseFile::Initialize(bool calculate_hash) {
   calculate_hash_ = calculate_hash;
 
   if (calculate_hash_)
-    secure_hash_.reset(base::SecureHash::Create(base::SecureHash::SHA256));
+    secure_hash_.reset(crypto::SecureHash::Create(crypto::SecureHash::SHA256));
 
   if (!full_path_.empty() ||
       download_util::CreateTemporaryFileForDownload(&full_path_))

chrome/browser/download/base_file.h

@@ -14,7 +14,7 @@
 #include "chrome/browser/power_save_blocker.h"
 #include "googleurl/src/gurl.h"
 
-namespace base {
+namespace crypto {
 class SecureHash;
 }
 namespace net {
@@ -94,7 +94,7 @@ class BaseFile {
 
   // Used to calculate sha256 hash for the file when calculate_hash_
   // is set.
-  scoped_ptr<base::SecureHash> secure_hash_;
+  scoped_ptr<crypto::SecureHash> secure_hash_;
 
   unsigned char sha256_hash_[kSha256HashLen];
 

chrome/browser/enumerate_modules_model_win.cc

@@ -12,7 +12,6 @@
 #include "base/file_path.h"
 #include "base/file_version_info_win.h"
 #include "base/metrics/histogram.h"
-#include "base/sha2.h"
 #include "base/string_number_conversions.h"
 #include "base/string_util.h"
 #include "base/time.h"
@@ -21,6 +20,7 @@
 #include "base/version.h"
 #include "base/win/registry.h"
 #include "base/win/scoped_handle.h"
+#include "crypto/sha2.h"
 #include "chrome/browser/net/service_providers_win.h"
 #include "chrome/common/chrome_constants.h"
 #include "chrome/common/chrome_switches.h"
@@ -262,7 +262,7 @@ static void GenerateHash(const std::string& input, std::string* output) {
   }
 
   uint8 hash[4];
-  base::SHA256HashString(input, hash, sizeof(hash));
+  crypto::SHA256HashString(input, hash, sizeof(hash));
   *output = StringToLowerASCII(base::HexEncode(hash, sizeof(hash)));
 }
 

chrome/browser/extensions/convert_user_script.cc

@@ -12,8 +12,8 @@
 #include "base/file_util.h"
 #include "base/memory/scoped_temp_dir.h"
 #include "base/path_service.h"
-#include "base/sha2.h"
 #include "base/string_util.h"
+#include "crypto/sha2.h"
 #include "chrome/browser/extensions/user_script_master.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/extensions/extension.h"
@@ -72,10 +72,10 @@ scoped_refptr<Extension> ConvertUserScriptToExtension(
   // identity is its namespace+name, so we hash that to create a public key.
   // There will be no corresponding private key, which means user scripts cannot
   // be auto-updated, or claimed in the gallery.
-  char raw[base::SHA256_LENGTH] = {0};
+  char raw[crypto::SHA256_LENGTH] = {0};
   std::string key;
-  base::SHA256HashString(script_name, raw, base::SHA256_LENGTH);
+  crypto::SHA256HashString(script_name, raw, crypto::SHA256_LENGTH);
-  base::Base64Encode(std::string(raw, base::SHA256_LENGTH), &key);
+  base::Base64Encode(std::string(raw, crypto::SHA256_LENGTH), &key);
 
   // The script may not have a name field, but we need one for an extension. If
   // it is missing, use the filename of the original URL.

chrome/browser/extensions/convert_web_app.cc

@@ -15,10 +15,10 @@
 #include "base/logging.h"
 #include "base/memory/scoped_temp_dir.h"
 #include "base/path_service.h"
-#include "base/sha2.h"
 #include "base/stringprintf.h"
 #include "base/time.h"
 #include "base/utf_string_conversions.h"
+#include "crypto/sha2.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/extension_constants.h"
@@ -46,12 +46,12 @@ const char kIconsDirName[] = "icons";
 // auto-updated using ExtensionUpdater. But Chrome does notice updates to the
 // manifest and regenerates these extensions.
 std::string GenerateKey(const GURL& manifest_url) {
-  char raw[base::SHA256_LENGTH] = {0};
+  char raw[crypto::SHA256_LENGTH] = {0};
   std::string key;
-  base::SHA256HashString(manifest_url.spec().c_str(),
+  crypto::SHA256HashString(manifest_url.spec().c_str(),
-                         raw,
+                           raw,
-                         base::SHA256_LENGTH);
+                           crypto::SHA256_LENGTH);
-  base::Base64Encode(std::string(raw, base::SHA256_LENGTH), &key);
+  base::Base64Encode(std::string(raw, crypto::SHA256_LENGTH), &key);
   return key;
 }
 

chrome/browser/extensions/extension_creator.cc

@@ -7,12 +7,12 @@
 #include <vector>
 #include <string>
 
-#include "base/crypto/rsa_private_key.h"
-#include "base/crypto/signature_creator.h"
 #include "base/file_util.h"
 #include "base/memory/scoped_handle.h"
 #include "base/memory/scoped_temp_dir.h"
 #include "base/string_util.h"
+#include "crypto/rsa_private_key.h"
+#include "crypto/signature_creator.h"
 #include "chrome/browser/extensions/sandboxed_extension_unpacker.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/extension_file_util.h"
@@ -74,7 +74,7 @@ bool ExtensionCreator::InitializeInput(
   return true;
 }
 
-base::RSAPrivateKey* ExtensionCreator::ReadInputKey(const FilePath&
+crypto::RSAPrivateKey* ExtensionCreator::ReadInputKey(const FilePath&
     private_key_path) {
   if (!file_util::PathExists(private_key_path)) {
     error_message_ =
@@ -98,14 +98,14 @@ base::RSAPrivateKey* ExtensionCreator::ReadInputKey(const FilePath&
     return NULL;
   }
 
-  return base::RSAPrivateKey::CreateFromPrivateKeyInfo(
+  return crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(
       std::vector<uint8>(private_key_bytes.begin(), private_key_bytes.end()));
 }
 
-base::RSAPrivateKey* ExtensionCreator::GenerateKey(const FilePath&
+crypto::RSAPrivateKey* ExtensionCreator::GenerateKey(const FilePath&
     output_private_key_path) {
-  scoped_ptr<base::RSAPrivateKey> key_pair(
+  scoped_ptr<crypto::RSAPrivateKey> key_pair(
-      base::RSAPrivateKey::Create(kRSAKeySize));
+      crypto::RSAPrivateKey::Create(kRSAKeySize));
   if (!key_pair.get()) {
     error_message_ =
         l10n_util::GetStringUTF8(IDS_EXTENSION_PRIVATE_KEY_FAILED_TO_GENERATE);
@@ -163,10 +163,10 @@ bool ExtensionCreator::CreateZip(const FilePath& extension_dir,
 }
 
 bool ExtensionCreator::SignZip(const FilePath& zip_path,
-                               base::RSAPrivateKey* private_key,
+                               crypto::RSAPrivateKey* private_key,
                                std::vector<uint8>* signature) {
-  scoped_ptr<base::SignatureCreator> signature_creator(
+  scoped_ptr<crypto::SignatureCreator> signature_creator(
-      base::SignatureCreator::Create(private_key));
+      crypto::SignatureCreator::Create(private_key));
   ScopedStdioHandle zip_handle(file_util::OpenFile(zip_path, "rb"));
   size_t buffer_size = 1 << 16;
   scoped_array<uint8> buffer(new uint8[buffer_size]);
@@ -186,7 +186,7 @@ bool ExtensionCreator::SignZip(const FilePath& zip_path,
 }
 
 bool ExtensionCreator::WriteCRX(const FilePath& zip_path,
-                                base::RSAPrivateKey* private_key,
+                                crypto::RSAPrivateKey* private_key,
                                 const std::vector<uint8>& signature,
                                 const FilePath& crx_path) {
   if (file_util::PathExists(crx_path))
@@ -246,7 +246,7 @@ bool ExtensionCreator::Run(const FilePath& extension_dir,
   }
 
   // Initialize Key Pair
-  scoped_ptr<base::RSAPrivateKey> key_pair;
+  scoped_ptr<crypto::RSAPrivateKey> key_pair;
   if (!private_key_path.value().empty())
     key_pair.reset(ReadInputKey(private_key_path));
   else

chrome/browser/extensions/extension_creator.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -11,7 +11,7 @@
 
 #include "base/basictypes.h"
 
-namespace base {
+namespace crypto {
 class RSAPrivateKey;
 }
 
@@ -45,11 +45,11 @@ class ExtensionCreator {
                        const FilePath& private_key_output_path);
 
   // Reads private key from |private_key_path|.
-  base::RSAPrivateKey* ReadInputKey(const FilePath& private_key_path);
+  crypto::RSAPrivateKey* ReadInputKey(const FilePath& private_key_path);
 
   // Generates a key pair and writes the private key to |private_key_path|
   // if provided.
-  base::RSAPrivateKey* GenerateKey(const FilePath& private_key_path);
+  crypto::RSAPrivateKey* GenerateKey(const FilePath& private_key_path);
 
   // Creates temporary zip file for the extension.
   bool CreateZip(const FilePath& extension_dir, const FilePath& temp_path,
@@ -57,12 +57,12 @@ class ExtensionCreator {
 
   // Signs the temporary zip and returns the signature.
   bool SignZip(const FilePath& zip_path,
-               base::RSAPrivateKey* private_key,
+               crypto::RSAPrivateKey* private_key,
                std::vector<uint8>* signature);
 
   // Export installable .crx to |crx_path|.
   bool WriteCRX(const FilePath& zip_path,
-                base::RSAPrivateKey* private_key,
+                crypto::RSAPrivateKey* private_key,
                 const std::vector<uint8>& signature,
                 const FilePath& crx_path);
 

chrome/browser/extensions/extension_updater.cc

@@ -12,7 +12,6 @@
 #include "base/file_util.h"
 #include "base/metrics/histogram.h"
 #include "base/rand_util.h"
-#include "base/sha2.h"
 #include "base/stl_util-inl.h"
 #include "base/string_number_conversions.h"
 #include "base/string_split.h"
@@ -20,6 +19,7 @@
 #include "base/time.h"
 #include "base/threading/thread.h"
 #include "base/version.h"
+#include "crypto/sha2.h"
 #include "content/common/notification_service.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/extensions/extension_error_reporter.h"
@@ -787,10 +787,10 @@ void ExtensionUpdater::HandleManifestResults(
 void ExtensionUpdater::ProcessBlacklist(const std::string& data) {
   DCHECK(alive_);
   // Verify sha256 hash value.
-  char sha256_hash_value[base::SHA256_LENGTH];
+  char sha256_hash_value[crypto::SHA256_LENGTH];
-  base::SHA256HashString(data, sha256_hash_value, base::SHA256_LENGTH);
+  crypto::SHA256HashString(data, sha256_hash_value, crypto::SHA256_LENGTH);
   std::string hash_in_hex = base::HexEncode(sha256_hash_value,
-                                            base::SHA256_LENGTH);
+                                            crypto::SHA256_LENGTH);
 
   if (current_extension_fetch_.package_hash != hash_in_hex) {
     NOTREACHED() << "Fetched blacklist checksum is not as expected. "

chrome/browser/extensions/sandboxed_extension_unpacker.cc

@@ -7,7 +7,6 @@
 #include <set>
 
 #include "base/base64.h"
-#include "base/crypto/signature_verifier.h"
 #include "base/file_util.h"
 #include "base/file_util_proxy.h"
 #include "base/memory/scoped_handle.h"
@@ -16,6 +15,7 @@
 #include "base/path_service.h"
 #include "base/task.h"
 #include "base/utf_string_conversions.h"  // TODO(viettrungluu): delete me.
+#include "crypto/signature_verifier.h"
 #include "chrome/browser/extensions/extension_service.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/chrome_switches.h"
@@ -367,7 +367,7 @@ bool SandboxedExtensionUnpacker::ValidateSignature() {
     return false;
   }
 
-  base::SignatureVerifier verifier;
+  crypto::SignatureVerifier verifier;
   if (!verifier.VerifyInit(extension_misc::kSignatureAlgorithm,
                            sizeof(extension_misc::kSignatureAlgorithm),
                            &signature.front(),

chrome/browser/importer/nss_decryptor_system_nss.cc

@@ -1,4 +1,4 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -9,9 +9,9 @@
 
 #include "base/basictypes.h"
 #include "base/file_path.h"
-#include "base/nss_util.h"
 #include "base/string_util.h"
 #include "base/sys_string_conversions.h"
+#include "crypto/nss_util.h"
 
 NSSDecryptor::NSSDecryptor() : is_nss_initialized_(false), db_slot_(NULL) {}
 NSSDecryptor::~NSSDecryptor() {
@@ -25,7 +25,7 @@ NSSDecryptor::~NSSDecryptor() {
 }
 
 bool NSSDecryptor::Init(const FilePath& dll_path, const FilePath& db_path) {
-  base::EnsureNSSInit();
+  crypto::EnsureNSSInit();
   is_nss_initialized_ = true;
   const std::string modspec =
       StringPrintf("configDir='%s' tokenDescription='Firefox NSS database' "

chrome/browser/password_manager/encryptor_linux.cc

@@ -4,11 +4,11 @@
 
 #include "chrome/browser/password_manager/encryptor.h"
 
-#include "base/crypto/encryptor.h"
-#include "base/crypto/symmetric_key.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/utf_string_conversions.h"
+#include "crypto/encryptor.h"
+#include "crypto/symmetric_key.h"
 
 namespace {
 
@@ -32,7 +32,7 @@ const char kObfuscationPrefix[] = "v10";
 // Generates a newly allocated SymmetricKey object based a hard-coded password.
 // Ownership of the key is passed to the caller.  Returns NULL key if a key
 // generation error occurs.
-base::SymmetricKey* GetEncryptionKey() {
+crypto::SymmetricKey* GetEncryptionKey() {
   // We currently "obfuscate" by encrypting and decrypting with hard-coded
   // password.  We need to improve this password situation by moving a secure
   // password into a system-level key store.
@@ -41,12 +41,12 @@ base::SymmetricKey* GetEncryptionKey() {
   std::string salt(kSalt);
 
   // Create an encryption key from our password and salt.
-  scoped_ptr<base::SymmetricKey> encryption_key(
+  scoped_ptr<crypto::SymmetricKey> encryption_key(
-      base::SymmetricKey::DeriveKeyFromPassword(base::SymmetricKey::AES,
+      crypto::SymmetricKey::DeriveKeyFromPassword(crypto::SymmetricKey::AES,
-                                                password,
+                                                  password,
-                                                salt,
+                                                  salt,
-                                                kEncryptionIterations,
+                                                  kEncryptionIterations,
-                                                kDerivedKeySizeInBits));
+                                                  kDerivedKeySizeInBits));
   DCHECK(encryption_key.get());
 
   return encryption_key.release();
@@ -81,13 +81,13 @@ bool Encryptor::EncryptString(const std::string& plaintext,
     return true;
   }
 
-  scoped_ptr<base::SymmetricKey> encryption_key(GetEncryptionKey());
+  scoped_ptr<crypto::SymmetricKey> encryption_key(GetEncryptionKey());
   if (!encryption_key.get())
     return false;
 
   std::string iv(kIVBlockSizeAES128, ' ');
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
-  if (!encryptor.Init(encryption_key.get(), base::Encryptor::CBC, iv))
+  if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv))
     return false;
 
   if (!encryptor.Encrypt(plaintext, ciphertext))
@@ -123,13 +123,13 @@ bool Encryptor::DecryptString(const std::string& ciphertext,
   // Strip off the versioning prefix before decrypting.
   std::string raw_ciphertext = ciphertext.substr(strlen(kObfuscationPrefix));
 
-  scoped_ptr<base::SymmetricKey> encryption_key(GetEncryptionKey());
+  scoped_ptr<crypto::SymmetricKey> encryption_key(GetEncryptionKey());
   if (!encryption_key.get())
     return false;
 
   std::string iv(kIVBlockSizeAES128, ' ');
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
-  if (!encryptor.Init(encryption_key.get(), base::Encryptor::CBC, iv))
+  if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv))
     return false;
 
   if (!encryptor.Decrypt(raw_ciphertext, plaintext))

chrome/browser/password_manager/encryptor_mac.mm

@@ -6,11 +6,11 @@
 
 #include <CommonCrypto/CommonCryptor.h>  // for kCCBlockSizeAES128
 
-#include "base/crypto/encryptor.h"
-#include "base/crypto/symmetric_key.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/utf_string_conversions.h"
+#include "crypto/encryptor.h"
+#include "crypto/symmetric_key.h"
 #include "chrome/browser/password_manager/encryptor_password_mac.h"
 #include "chrome/browser/keychain_mac.h"
 
@@ -37,7 +37,7 @@ const char kEncryptionVersionPrefix[] = "v10";
 // in the Keychain.  The generated key is for AES encryption.  Ownership of the
 // key is passed to the caller.  Returns NULL key in the case password access
 // is denied or key generation error occurs.
-base::SymmetricKey* GetEncryptionKey() {
+crypto::SymmetricKey* GetEncryptionKey() {
 
   std::string password;
   if (use_mock_keychain) {
@@ -54,12 +54,12 @@ base::SymmetricKey* GetEncryptionKey() {
   std::string salt(kSalt);
 
   // Create an encryption key from our password and salt.
-  scoped_ptr<base::SymmetricKey> encryption_key(
+  scoped_ptr<crypto::SymmetricKey> encryption_key(
-      base::SymmetricKey::DeriveKeyFromPassword(base::SymmetricKey::AES,
+      crypto::SymmetricKey::DeriveKeyFromPassword(crypto::SymmetricKey::AES,
-                                                password,
+                                                  password,
-                                                salt,
+                                                  salt,
-                                                kEncryptionIterations,
+                                                  kEncryptionIterations,
-                                                kDerivedKeySizeInBits));
+                                                  kDerivedKeySizeInBits));
   DCHECK(encryption_key.get());
 
   return encryption_key.release();
@@ -89,13 +89,13 @@ bool Encryptor::EncryptString(const std::string& plaintext,
     return true;
   }
 
-  scoped_ptr<base::SymmetricKey> encryption_key(GetEncryptionKey());
+  scoped_ptr<crypto::SymmetricKey> encryption_key(GetEncryptionKey());
   if (!encryption_key.get())
     return false;
 
   std::string iv(kCCBlockSizeAES128, ' ');
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
-  if (!encryptor.Init(encryption_key.get(), base::Encryptor::CBC, iv))
+  if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv))
     return false;
 
   if (!encryptor.Encrypt(plaintext, ciphertext))
@@ -127,13 +127,13 @@ bool Encryptor::DecryptString(const std::string& ciphertext,
   std::string raw_ciphertext =
       ciphertext.substr(strlen(kEncryptionVersionPrefix));
 
-  scoped_ptr<base::SymmetricKey> encryption_key(GetEncryptionKey());
+  scoped_ptr<crypto::SymmetricKey> encryption_key(GetEncryptionKey());
   if (!encryption_key.get())
     return false;
 
   std::string iv(kCCBlockSizeAES128, ' ');
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
-  if (!encryptor.Init(encryption_key.get(), base::Encryptor::CBC, iv))
+  if (!encryptor.Init(encryption_key.get(), crypto::Encryptor::CBC, iv))
     return false;
 
   if (!encryptor.Decrypt(raw_ciphertext, plaintext))

chrome/browser/safe_browsing/filter_false_positive_perftest.cc

@@ -64,10 +64,10 @@
 #include "base/memory/scoped_ptr.h"
 #include "base/path_service.h"
 #include "base/rand_util.h"
-#include "base/sha2.h"
 #include "base/string_number_conversions.h"
 #include "base/string_util.h"
 #include "base/time.h"
+#include "crypto/sha2.h"
 #include "chrome/browser/safe_browsing/bloom_filter.h"
 #include "chrome/browser/safe_browsing/safe_browsing_util.h"
 #include "chrome/common/chrome_paths.h"
@@ -176,7 +176,7 @@ int GeneratePrefixHits(const std::string url,
   for (size_t i = 0; i < hosts.size(); ++i) {
     for (size_t j = 0; j < paths.size(); ++j) {
       SBPrefix prefix;
-      base::SHA256HashString(hosts[i] + paths[j], &prefix, sizeof(prefix));
+      crypto::SHA256HashString(hosts[i] + paths[j], &prefix, sizeof(prefix));
       if (bloom_filter->Exists(prefix))
         prefixes->push_back(prefix);
     }

chrome/browser/safe_browsing/safe_browsing_database.cc

@@ -13,7 +13,7 @@
 #include "base/time.h"
 #include "base/message_loop.h"
 #include "base/process_util.h"
-#include "base/sha2.h"
+#include "crypto/sha2.h"
 #include "chrome/browser/safe_browsing/bloom_filter.h"
 #include "chrome/browser/safe_browsing/prefix_set.h"
 #include "chrome/browser/safe_browsing/safe_browsing_store_file.h"
@@ -71,8 +71,8 @@ void GetDownloadUrlPrefix(const GURL& url, SBPrefix* prefix) {
   safe_browsing_util::CanonicalizeUrl(url, &hostname, &path, &query);
 
   SBFullHash full_hash;
-  base::SHA256HashString(hostname + path + query, &full_hash,
+  crypto::SHA256HashString(hostname + path + query, &full_hash,
-                         sizeof(full_hash));
+                           sizeof(full_hash));
   *prefix = full_hash.prefix;
 }
 
@@ -103,8 +103,8 @@ void BrowseFullHashesToCheck(const GURL& url,
     for (size_t j = 0; j < paths.size(); ++j) {
       const std::string& path = paths[j];
       SBFullHash full_hash;
-      base::SHA256HashString(hosts[i] + path, &full_hash,
+      crypto::SHA256HashString(hosts[i] + path, &full_hash,
-                             sizeof(full_hash));
+                               sizeof(full_hash));
       full_hashes->push_back(full_hash);
 
       // We may have /foo as path-prefix in the whitelist which should
@@ -113,8 +113,8 @@ void BrowseFullHashesToCheck(const GURL& url,
       if (include_whitelist_hashes &&
           path.size() > 1 &&
           path[path.size() - 1] == '/') {
-        base::SHA256HashString(hosts[i] + path.substr(0, path.size() - 1),
+        crypto::SHA256HashString(hosts[i] + path.substr(0, path.size() - 1),
-                               &full_hash, sizeof(full_hash));
+                                 &full_hash, sizeof(full_hash));
         full_hashes->push_back(full_hash);
       }
     }
@@ -1297,7 +1297,8 @@ void SafeBrowsingDatabaseNew::LoadCsdWhitelist(
   std::sort(new_csd_whitelist.begin(), new_csd_whitelist.end());
 
   SBFullHash kill_switch;
-  base::SHA256HashString(kCsdKillSwitchUrl, &kill_switch, sizeof(kill_switch));
+  crypto::SHA256HashString(kCsdKillSwitchUrl, &kill_switch,
+                           sizeof(kill_switch));
   if (std::binary_search(new_csd_whitelist.begin(), new_csd_whitelist.end(),
                          kill_switch)) {
     // The kill switch is whitelisted hence we whitelist all URLs.

chrome/browser/safe_browsing/safe_browsing_database_unittest.cc

@@ -10,8 +10,8 @@
 #include "base/logging.h"
 #include "base/memory/scoped_temp_dir.h"
 #include "base/message_loop.h"
-#include "base/sha2.h"
 #include "base/time.h"
+#include "crypto/sha2.h"
 #include "chrome/browser/safe_browsing/safe_browsing_database.h"
 #include "chrome/browser/safe_browsing/safe_browsing_store_file.h"
 #include "chrome/browser/safe_browsing/safe_browsing_store_unittest_helper.h"
@@ -26,13 +26,13 @@ namespace {
 
 SBPrefix Sha256Prefix(const std::string& str) {
   SBPrefix prefix;
-  base::SHA256HashString(str, &prefix, sizeof(prefix));
+  crypto::SHA256HashString(str, &prefix, sizeof(prefix));
   return prefix;
 }
 
 SBFullHash Sha256Hash(const std::string& str) {
   SBFullHash hash;
-  base::SHA256HashString(str, &hash, sizeof(hash));
+  crypto::SHA256HashString(str, &hash, sizeof(hash));
   return hash;
 }
 

chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc

@@ -9,7 +9,7 @@
 #include "base/command_line.h"
 #include "base/memory/ref_counted.h"
 #include "base/metrics/histogram.h"
-#include "base/sha2.h"
+#include "crypto/sha2.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/safe_browsing/safe_browsing_database.h"
 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
@@ -256,8 +256,8 @@ class SafeBrowsingServiceTest : public InProcessBrowserTest {
     std::string host;
     std::string path;
     safe_browsing_util::CanonicalizeUrl(url, &host, &path, NULL);
-    base::SHA256HashString(host + path, &full_hash->hash,
+    crypto::SHA256HashString(host + path, &full_hash->hash,
-                           sizeof(SBFullHash));
+                             sizeof(SBFullHash));
     full_hash->list_name = list_name;
     full_hash->add_chunk_id = add_chunk_id;
   }

chrome/browser/safe_browsing/safe_browsing_store_unittest_helper.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -8,7 +8,7 @@
 
 #include "chrome/browser/safe_browsing/safe_browsing_store.h"
 
-#include "base/sha2.h"
+#include "crypto/sha2.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 // Helper code for testing that a SafeBrowsingStore implementation
@@ -17,7 +17,7 @@
 // Helper to make it easy to initialize SBFullHash constants.
 inline const SBFullHash SBFullHashFromString(const char* str) {
   SBFullHash h;
-  base::SHA256HashString(str, &h.full_hash, sizeof(h.full_hash));
+  crypto::SHA256HashString(str, &h.full_hash, sizeof(h.full_hash));
   return h;
 }
 

chrome/browser/safe_browsing/safe_browsing_util.cc

@@ -1,13 +1,13 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/safe_browsing_util.h"
 
 #include "base/base64.h"
-#include "base/hmac.h"
-#include "base/sha2.h"
 #include "base/string_util.h"
+#include "crypto/hmac.h"
+#include "crypto/sha2.h"
 #include "chrome/browser/google/google_util.h"
 #include "googleurl/src/gurl.h"
 #include "googleurl/src/url_util.h"
@@ -436,9 +436,9 @@ int GetUrlHashIndex(const GURL& url,
   for (size_t h = 0; h < hosts.size(); ++h) {
     for (size_t p = 0; p < paths.size(); ++p) {
       SBFullHash key;
-      base::SHA256HashString(hosts[h] + paths[p],
+      crypto::SHA256HashString(hosts[h] + paths[p],
-                             key.full_hash,
+                               key.full_hash,
-                             sizeof(SBFullHash));
+                               sizeof(SBFullHash));
       int index = GetHashIndex(key, full_hashes);
       if (index != -1) return index;
     }
@@ -485,7 +485,7 @@ bool VerifyMAC(const std::string& key, const std::string& mac,
   std::string decoded_mac;
   base::Base64Decode(mac_copy, &decoded_mac);
 
-  base::HMAC hmac(base::HMAC::SHA1);
+  crypto::HMAC hmac(crypto::HMAC::SHA1);
   if (!hmac.Init(decoded_key))
     return false;
   const std::string data_str(data, data_length);
@@ -520,12 +520,12 @@ GURL GeneratePhishingReportUrl(const std::string& report_page,
 }
 
 void StringToSBFullHash(const std::string& hash_in, SBFullHash* hash_out) {
-  DCHECK_EQ(static_cast<size_t>(base::SHA256_LENGTH), hash_in.size());
+  DCHECK_EQ(static_cast<size_t>(crypto::SHA256_LENGTH), hash_in.size());
-  memcpy(hash_out->full_hash, hash_in.data(), base::SHA256_LENGTH);
+  memcpy(hash_out->full_hash, hash_in.data(), crypto::SHA256_LENGTH);
 }
 
 std::string SBFullHashToString(const SBFullHash& hash) {
-  DCHECK_EQ(static_cast<size_t>(base::SHA256_LENGTH), sizeof(hash.full_hash));
+  DCHECK_EQ(static_cast<size_t>(crypto::SHA256_LENGTH), sizeof(hash.full_hash));
   return std::string(hash.full_hash, sizeof(hash.full_hash));
 }
 }  // namespace safe_browsing_util

chrome/browser/safe_browsing/safe_browsing_util_unittest.cc

@@ -1,11 +1,11 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <algorithm>
 
-#include "base/sha2.h"
 #include "base/string_util.h"
+#include "crypto/sha2.h"
 #include "chrome/browser/safe_browsing/safe_browsing_util.h"
 #include "googleurl/src/gurl.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ -283,7 +283,7 @@ TEST(SafeBrowsingUtilTest, CanonicalizeUrl) {
 TEST(SafeBrowsingUtilTest, GetUrlHashIndex) {
   GURL url("http://www.evil.com/phish.html");
   SBFullHashResult full_hash;
-  base::SHA256HashString(url.host() + url.path(),
+  crypto::SHA256HashString(url.host() + url.path(),
                          &full_hash.hash,
                          sizeof(SBFullHash));
   std::vector<SBFullHashResult> full_hashes;

chrome/browser/sync/util/nigori.cc

@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -14,18 +14,18 @@
 #include <vector>
 
 #include "base/base64.h"
-#include "base/crypto/encryptor.h"
-#include "base/hmac.h"
 #include "base/logging.h"
 #include "base/rand_util.h"
 #include "base/string_util.h"
+#include "crypto/encryptor.h"
+#include "crypto/hmac.h"
 
 using base::Base64Encode;
 using base::Base64Decode;
-using base::Encryptor;
-using base::HMAC;
 using base::RandInt;
-using base::SymmetricKey;
+using crypto::Encryptor;
+using crypto::HMAC;
+using crypto::SymmetricKey;
 
 namespace browser_sync {
 

chrome/browser/sync/util/nigori.h

@@ -8,8 +8,8 @@
 
 #include <string>
 
-#include "base/crypto/symmetric_key.h"
 #include "base/memory/scoped_ptr.h"
+#include "crypto/symmetric_key.h"
 
 namespace browser_sync {
 
@@ -73,9 +73,9 @@ class Nigori {
   static const size_t kSigningIterations = 1004;
 
  private:
-  scoped_ptr<base::SymmetricKey> user_key_;
+  scoped_ptr<crypto::SymmetricKey> user_key_;
-  scoped_ptr<base::SymmetricKey> encryption_key_;
+  scoped_ptr<crypto::SymmetricKey> encryption_key_;
-  scoped_ptr<base::SymmetricKey> mac_key_;
+  scoped_ptr<crypto::SymmetricKey> mac_key_;
 };
 
 }  // namespace browser_sync

chrome/browser/ui/crypto_module_password_dialog.h

@@ -12,7 +12,7 @@
 #include "base/callback.h"
 #include "base/memory/ref_counted.h"
 
-namespace base {
+namespace crypto {
 class CryptoModuleBlockingPasswordDelegate;
 }
 
@@ -48,7 +48,7 @@ void ShowCryptoModulePasswordDialog(const std::string& module_name,
 
 // Returns a CryptoModuleBlockingPasswordDelegate to open a dialog and block
 // until returning. Should only be used on a worker thread.
-base::CryptoModuleBlockingPasswordDelegate*
+crypto::CryptoModuleBlockingPasswordDelegate*
     NewCryptoModuleBlockingDialogDelegate(
         CryptoModulePasswordReason reason,
         const std::string& server);

chrome/browser/ui/crypto_module_password_dialog_nss.cc

@@ -12,7 +12,7 @@
 #include "net/base/x509_certificate.h"
 
 #if defined(OS_CHROMEOS)
-#include "base/nss_util.h"
+#include "crypto/nss_util.h"
 #endif
 
 namespace {
@@ -66,11 +66,11 @@ void SlotUnlocker::Start() {
   for (; current_ < modules_.size(); ++current_) {
     if (ShouldShowDialog(modules_[current_].get())) {
 #if defined(OS_CHROMEOS)
-      if (modules_[current_]->GetTokenName() == base::GetTPMTokenName()) {
+      if (modules_[current_]->GetTokenName() == crypto::GetTPMTokenName()) {
         // The user PIN is a well known secret on this machine, and
         // the user didn't set it, so we need to fetch the value and
         // supply it for them here.
-        GotPassword(base::GetTPMUserPIN().c_str());
+        GotPassword(crypto::GetTPMUserPIN().c_str());
         return;
       }
 #endif

chrome/browser/ui/gtk/certificate_viewer.cc

@@ -11,7 +11,6 @@
 
 #include "base/i18n/time_formatting.h"
 #include "base/memory/scoped_ptr.h"
-#include "base/nss_util.h"
 #include "base/string_number_conversions.h"
 #include "base/time.h"
 #include "base/utf_string_conversions.h"

chrome/browser/ui/gtk/crypto_module_password_dialog.cc

@@ -7,10 +7,10 @@
 #include <gtk/gtk.h>
 
 #include "base/basictypes.h"
-#include "base/crypto/crypto_module_blocking_password_delegate.h"
 #include "base/synchronization/waitable_event.h"
 #include "base/task.h"
 #include "base/utf_string_conversions.h"
+#include "crypto/crypto_module_blocking_password_delegate.h"
 #include "chrome/browser/ui/gtk/gtk_util.h"
 #include "content/browser/browser_thread.h"
 #include "googleurl/src/gurl.h"
@@ -21,7 +21,7 @@
 namespace {
 
 class CryptoModuleBlockingDialogDelegate
-    : public base::CryptoModuleBlockingPasswordDelegate {
+    : public crypto::CryptoModuleBlockingPasswordDelegate {
  public:
   CryptoModuleBlockingDialogDelegate(browser::CryptoModulePasswordReason reason,
                                      const std::string& server)
@@ -36,7 +36,7 @@ class CryptoModuleBlockingDialogDelegate
     password_.replace(0, password_.size(), password_.size(), 0);
   }
 
-  // base::CryptoModuleBlockingDialogDelegate implementation.
+  // crypto::CryptoModuleBlockingDialogDelegate implementation.
   virtual std::string RequestPassword(const std::string& slot_name, bool retry,
                                       bool* cancelled) {
     DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::UI));
@@ -220,7 +220,7 @@ void ShowCryptoModulePasswordDialog(const std::string& slot_name,
                                   callback))->Show();
 }
 
-base::CryptoModuleBlockingPasswordDelegate*
+crypto::CryptoModuleBlockingPasswordDelegate*
     NewCryptoModuleBlockingDialogDelegate(
         CryptoModulePasswordReason reason,
         const std::string& server) {

chrome/browser/ui/gtk/ssl_client_certificate_selector.cc

@@ -11,7 +11,6 @@
 
 #include "base/i18n/time_formatting.h"
 #include "base/logging.h"
-#include "base/nss_util.h"
 #include "base/utf_string_conversions.h"
 #include "chrome/browser/ssl/ssl_client_auth_handler.h"
 #include "chrome/browser/ui/crypto_module_password_dialog.h"

chrome/browser/ui/webui/options/certificate_manager_handler.cc

@@ -6,7 +6,6 @@
 
 #include "base/file_util.h"  // for FileAccessProvider
 #include "base/memory/scoped_vector.h"
-#include "base/nss_util.h"
 #include "base/safe_strerror_posix.h"
 #include "base/string_number_conversions.h"
 #include "base/values.h"

chrome/chrome.gyp

@@ -622,11 +622,13 @@
       'dependencies': [
         'common',
         '../base/base.gyp:base',
+        '../crypto/crypto.gyp:crypto',
         '../skia/skia.gyp:skia',
         'browser/sync/protocol/sync_proto.gyp:sync_proto_cpp',
       ],
       'export_dependent_settings': [
         '../base/base.gyp:base',
+        '../crypto/crypto.gyp:crypto',
         'browser/sync/protocol/sync_proto.gyp:sync_proto_cpp',
       ],
       # This target exports a hard dependency because its header files include

chrome/chrome_browser.gypi

@@ -29,6 +29,7 @@
         '../app/app.gyp:app_resources',
         '../build/temp_gyp/googleurl.gyp:googleurl',
         '../content/content.gyp:content_browser',
+        '../crypto/crypto.gyp:crypto',
         '../gpu/gpu.gyp:gpu_common',
         '../media/media.gyp:media',
         '../ppapi/ppapi.gyp:ppapi_proxy',  # For PpapiMsg_LoadPlugin

chrome/chrome_dll.gypi

@@ -82,6 +82,7 @@
                 'chrome_resources',
                 'installer_util_strings',
                 '../content/content.gyp:content_worker',
+                '../crypto/crypto.gyp:crypto',
                 '../printing/printing.gyp:printing',
                 '../net/net.gyp:net_resources',
                 '../third_party/cld/cld.gyp:cld',
@@ -276,6 +277,7 @@
               'dependencies': [
                 # Bring in pdfsqueeze and run it on all pdfs
                 '../build/temp_gyp/pdfsqueeze.gyp:pdfsqueeze',
+                '../crypto/crypto.gyp:crypto',
                 # On Mac, Flash gets put into the framework, so we need this
                 # dependency here. flash_player.gyp will copy the Flash bundle
                 # into PRODUCT_DIR.

chrome/common/extensions/extension.cc

@@ -14,14 +14,14 @@
 #include "base/i18n/rtl.h"
 #include "base/logging.h"
 #include "base/memory/singleton.h"
-#include "base/sha2.h"
 #include "base/stl_util-inl.h"
-#include "base/third_party/nss/blapi.h"
 #include "base/string16.h"
 #include "base/string_number_conversions.h"
 #include "base/utf_string_conversions.h"
 #include "base/values.h"
 #include "base/version.h"
+#include "crypto/sha2.h"
+#include "crypto/third_party/nss/blapi.h"
 #include "chrome/common/chrome_constants.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/chrome_version_info.h"
@@ -622,7 +622,7 @@ GURL Extension::GetResourceURL(const GURL& extension_url,
 bool Extension::GenerateId(const std::string& input, std::string* output) {
   CHECK(output);
   uint8 hash[Extension::kIdSize];
-  base::SHA256HashString(input, hash, sizeof(hash));
+  crypto::SHA256HashString(input, hash, sizeof(hash));
   *output = StringToLowerASCII(base::HexEncode(hash, sizeof(hash)));
   ConvertHexadecimalToIDAlphabet(output);
 

chrome/common/net/x509_certificate_model_nss.cc

@@ -14,8 +14,8 @@
 #include <sechash.h>
 
 #include "base/logging.h"
-#include "base/nss_util.h"
 #include "base/string_number_conversions.h"
+#include "crypto/nss_util.h"
 #include "net/base/x509_certificate.h"
 #include "chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h"
 #include "chrome/third_party/mozilla_security_manager/nsNSSCertificate.h"
@@ -198,8 +198,8 @@ bool GetTimes(X509Certificate::OSCertHandle cert_handle,
               base::Time* issued, base::Time* expires) {
   PRTime pr_issued, pr_expires;
   if (CERT_GetCertTimes(cert_handle, &pr_issued, &pr_expires) == SECSuccess) {
-    *issued = base::PRTimeToBaseTime(pr_issued);
+    *issued = crypto::PRTimeToBaseTime(pr_issued);
-    *expires = base::PRTimeToBaseTime(pr_expires);
+    *expires = crypto::PRTimeToBaseTime(pr_expires);
     return true;
   }
   return false;

chrome/renderer/render_process_impl.cc

@@ -18,10 +18,10 @@
 #include "base/file_util.h"
 #include "base/message_loop.h"
 #include "base/metrics/histogram.h"
-#include "base/nss_util.h"
 #include "base/path_service.h"
 #include "base/sys_info.h"
 #include "base/utf_string_conversions.h"
+#include "crypto/nss_util.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/render_messages.h"
@@ -167,9 +167,9 @@ RenderProcessImpl::RenderProcessImpl()
 #if defined(USE_NSS)
     // We are going to fork to engage the sandbox and we have not loaded
     // any security modules so it is safe to disable the fork check in NSS.
-    base::DisableNSSForkCheck();
+    crypto::DisableNSSForkCheck();
-    base::ForceNSSNoDBInit();
+    crypto::ForceNSSNoDBInit();
-    base::EnsureNSSInit();
+    crypto::EnsureNSSInit();
 #else
     // TODO(bulach): implement openssl support.
     NOTREACHED() << "Remoting is not supported for openssl";

chrome/renderer/safe_browsing/phishing_classifier.cc

@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -9,8 +9,8 @@
 #include "base/callback.h"
 #include "base/compiler_specific.h"
 #include "base/logging.h"
-#include "base/sha2.h"
 #include "base/string_util.h"
+#include "crypto/sha2.h"
 #include "chrome/common/url_constants.h"
 #include "chrome/renderer/safe_browsing/feature_extractor_clock.h"
 #include "chrome/renderer/safe_browsing/features.h"
@@ -160,7 +160,7 @@ void PhishingClassifier::TermExtractionFinished(bool success) {
          it != features_->features().end(); ++it) {
       VLOG(2) << "Feature: " << it->first << " = " << it->second;
       bool result = hashed_features.AddRealFeature(
-          base::SHA256HashString(it->first), it->second);
+          crypto::SHA256HashString(it->first), it->second);
       DCHECK(result);
     }
 

chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc

@@ -12,9 +12,9 @@
 #include <string>
 
 #include "base/memory/scoped_ptr.h"
-#include "base/sha2.h"
 #include "base/string16.h"
 #include "base/utf_string_conversions.h"
+#include "crypto/sha2.h"
 #include "chrome/renderer/safe_browsing/client_model.pb.h"
 #include "chrome/renderer/safe_browsing/features.h"
 #include "chrome/renderer/safe_browsing/mock_feature_extractor_clock.h"
@@ -33,13 +33,13 @@ class PhishingClassifierTest : public RenderViewFakeResourcesTest {
     // Construct a model to test with.  We include one feature from each of
     // the feature extractors, which allows us to verify that they all ran.
     ClientSideModel model;
-    model.add_hashes(base::SHA256HashString(features::kUrlTldToken +
+    model.add_hashes(crypto::SHA256HashString(features::kUrlTldToken +
-                                            std::string("net")));
+                                              std::string("net")));
-    model.add_hashes(base::SHA256HashString(features::kPageLinkDomain +
+    model.add_hashes(crypto::SHA256HashString(features::kPageLinkDomain +
-                                            std::string("phishing.com")));
+                                              std::string("phishing.com")));
-    model.add_hashes(base::SHA256HashString(features::kPageTerm +
+    model.add_hashes(crypto::SHA256HashString(features::kPageTerm +
-                                            std::string("login")));
+                                              std::string("login")));
-    model.add_hashes(base::SHA256HashString("login"));
+    model.add_hashes(crypto::SHA256HashString("login"));
 
     // Add a default rule with a non-phishy weight.
     ClientSideModel::Rule* rule = model.add_rule();

chrome/renderer/safe_browsing/phishing_term_feature_extractor.cc

@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -10,10 +10,10 @@
 #include "base/compiler_specific.h"
 #include "base/logging.h"
 #include "base/message_loop.h"
-#include "base/sha2.h"
 #include "base/metrics/histogram.h"
 #include "base/time.h"
 #include "base/utf_string_conversions.h"
+#include "crypto/sha2.h"
 #include "chrome/renderer/safe_browsing/feature_extractor_clock.h"
 #include "chrome/renderer/safe_browsing/features.h"
 #include "ui/base/l10n/l10n_util.h"
@@ -200,7 +200,7 @@ void PhishingTermFeatureExtractor::ExtractFeaturesWithTimeout() {
 
 void PhishingTermFeatureExtractor::HandleWord(const string16& word) {
   std::string word_lower = UTF16ToUTF8(l10n_util::ToLower(word));
-  std::string word_hash = base::SHA256HashString(word_lower);
+  std::string word_hash = crypto::SHA256HashString(word_lower);
 
   // Quick out if the word is not part of any term, which is the common case.
   if (page_word_hashes_->find(word_hash) == page_word_hashes_->end()) {
@@ -234,7 +234,7 @@ void PhishingTermFeatureExtractor::HandleWord(const string16& word) {
   std::string current_term = state_->previous_words;
   for (std::list<size_t>::iterator it = state_->previous_word_sizes.begin();
        it != state_->previous_word_sizes.end(); ++it) {
-    hashes_to_check[base::SHA256HashString(current_term)] = current_term;
+    hashes_to_check[crypto::SHA256HashString(current_term)] = current_term;
     current_term.erase(0, *it);
   }
 

chrome/renderer/safe_browsing/phishing_term_feature_extractor_unittest.cc

@@ -10,11 +10,11 @@
 #include "base/hash_tables.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop.h"
-#include "base/sha2.h"
 #include "base/string16.h"
 #include "base/stringprintf.h"
 #include "base/time.h"
 #include "base/utf_string_conversions.h"
+#include "crypto/sha2.h"
 #include "chrome/renderer/safe_browsing/features.h"
 #include "chrome/renderer/safe_browsing/mock_feature_extractor_clock.h"
 #include "testing/gmock/include/gmock/gmock.h"
@@ -44,7 +44,7 @@ class PhishingTermFeatureExtractorTest : public ::testing::Test {
 
     for (base::hash_set<std::string>::iterator it = terms.begin();
          it != terms.end(); ++it) {
-      term_hashes_.insert(base::SHA256HashString(*it));
+      term_hashes_.insert(crypto::SHA256HashString(*it));
     }
 
     base::hash_set<std::string> words;
@@ -62,7 +62,7 @@ class PhishingTermFeatureExtractorTest : public ::testing::Test {
 
     for (base::hash_set<std::string>::iterator it = words.begin();
          it != words.end(); ++it) {
-      word_hashes_.insert(base::SHA256HashString(*it));
+      word_hashes_.insert(crypto::SHA256HashString(*it));
     }
 
     extractor_.reset(new PhishingTermFeatureExtractor(

chrome/service/service_process_unittest.cc

@@ -8,7 +8,6 @@
 
 #include "base/base64.h"
 #include "base/command_line.h"
-#include "base/crypto/rsa_private_key.h"
 #include "base/message_loop.h"
 #include "base/synchronization/waitable_event.h"
 #include "chrome/common/service_process_util.h"

content/DEPS

@@ -2,6 +2,7 @@
 # src/chrome in src/content.
 include_rules = [
   "+app",
+  "+crypto",
 
   # TEMPORARY ONLY WHILE WE REDUCE THE DEPENDENCIES.
   # When the src\content refactoring is complete, this will be unnecessary (and

content/browser/zygote_main_linux.cc

@@ -29,13 +29,13 @@
 #include "base/hash_tables.h"
 #include "base/linux_util.h"
 #include "base/memory/scoped_ptr.h"
-#include "base/nss_util.h"
 #include "base/path_service.h"
 #include "base/pickle.h"
 #include "base/process_util.h"
 #include "base/rand_util.h"
 #include "base/sys_info.h"
 #include "build/build_config.h"
+#include "crypto/nss_util.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pepper_plugin_registry.h"
@@ -608,7 +608,7 @@ static void PreSandboxInit() {
   // NSS libraries are loaded before sandbox is activated. This is to allow
   // successful initialization of NSS which tries to load extra library files.
   // Doing so will allow NSS to be used within sandbox for chromoting.
-  base::LoadNSSLibraries();
+  crypto::LoadNSSLibraries();
 #else
     // TODO(bulach): implement openssl support.
     NOTREACHED() << "Remoting is not supported for openssl";

crypto/OWNERS

@@ -0,0 +1,5 @@
+set noparent
+agl@chromium.org
+rsleevi@chromium.org
+rvargas@chromium.org
+wtc@chromium.org

crypto/capi_util.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/capi_util.h"
+#include "crypto/capi_util.h"
 
 #include "base/basictypes.h"
 #include "base/memory/singleton.h"
@@ -35,16 +35,15 @@ class CAPIUtilSingleton {
 
 }  // namespace
 
-namespace base {
+namespace crypto {
 
 BOOL CryptAcquireContextLocked(HCRYPTPROV* prov,
                                LPCWSTR container,
                                LPCWSTR provider,
                                DWORD prov_type,
-                               DWORD flags)
+                               DWORD flags) {
-{
   base::AutoLock lock(CAPIUtilSingleton::GetInstance()->acquire_context_lock());
   return CryptAcquireContext(prov, container, provider, prov_type, flags);
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/capi_util.h

@@ -2,16 +2,14 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_CRYPTO_CAPI_UTIL_H_
+#ifndef CRYPTO_CAPI_UTIL_H_
-#define BASE_CRYPTO_CAPI_UTIL_H_
+#define CRYPTO_CAPI_UTIL_H_
 #pragma once
 
 #include <windows.h>
 #include <wincrypt.h>
 
-#include "base/base_api.h"
+namespace crypto {
-
-namespace base {
 
 // CryptAcquireContext when passed CRYPT_NEWKEYSET or CRYPT_DELETEKEYSET in
 // flags is not thread-safe. For such calls, we create a global lock to
@@ -23,12 +21,12 @@ namespace base {
 // "The CryptAcquireContext function is generally thread safe unless
 // CRYPT_NEWKEYSET or CRYPT_DELETEKEYSET is specified in the dwFlags
 // parameter."
-BASE_API BOOL CryptAcquireContextLocked(HCRYPTPROV* prov,
+BOOL CryptAcquireContextLocked(HCRYPTPROV* prov,
-                                        LPCWSTR container,
+                               LPCWSTR container,
-                                        LPCWSTR provider,
+                               LPCWSTR provider,
-                                        DWORD prov_type,
+                               DWORD prov_type,
-                                        DWORD flags);
+                               DWORD flags);
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_CRYPTO_CAPI_UTIL_H_
+#endif  // CRYPTO_CAPI_UTIL_H_

crypto/crypto.gyp

@@ -0,0 +1,223 @@
+# Copyright (c) 2011 The Chromium Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+{
+  'variables': {
+    'chromium_code': 1,
+  },
+  'targets': [
+    {
+      'target_name': 'crypto',
+      'type': '<(library)',
+      'dependencies': [
+        '../base/base.gyp:base',
+      ],
+      'msvs_disabled_warnings': [
+        4018,
+      ],
+      'conditions': [
+        [ 'OS == "linux" or OS == "freebsd" or OS == "openbsd" or OS == "solaris"', {
+          'conditions': [
+            [ 'chromeos==1', {
+                'sources/': [ ['include', '_chromeos\\.cc$'] ]
+              },
+            ],
+            [ 'use_openssl==1', {
+                'dependencies': [
+                  '../third_party/openssl/openssl.gyp:openssl',
+                ],
+              }, {  # use_openssl==0
+                'dependencies': [
+                  '../build/linux/system.gyp:nss',
+                ],
+                'export_dependent_settings': [
+                  '../build/linux/system.gyp:nss',
+                ],
+              }
+            ],
+          ],
+        }, {  # OS != "linux" and OS != "freebsd" and OS != "openbsd" and OS != "solaris"
+            'sources/': [
+              ['exclude', '_nss\.cc$'],
+            ],
+        }],
+        [ 'OS == "freebsd" or OS == "openbsd"', {
+          'link_settings': {
+            'libraries': [
+              '-L/usr/local/lib -lexecinfo',
+              ],
+            },
+          },
+        ],
+        [ 'OS == "mac"', {
+          'link_settings': {
+            'libraries': [
+              '$(SDKROOT)/System/Library/Frameworks/Security.framework',
+            ],
+          },
+        }, {  # OS != "mac"
+          'sources!': [
+            'cssm_init.cc',
+            'cssm_init.h',
+            'mac_security_services_lock.cc',
+            'mac_security_services_lock.h',
+          ],
+        }],
+        [ 'OS == "mac" or OS == "win"', {
+            'dependencies': [
+              '../third_party/nss/nss.gyp:nss',
+            ],
+        },],
+        [ 'OS != "win"', {
+            'sources!': [
+              'capi_util.h',
+              'capi_util.cc',
+            ],
+        },],
+        [ 'use_openssl==1', {
+            # TODO(joth): Use a glob to match exclude patterns once the
+            #             OpenSSL file set is complete.
+            'sources!': [
+              'encryptor_nss.cc',
+              'hmac_nss.cc',
+              'nss_util.cc',
+              'nss_util.h',
+              'rsa_private_key_nss.cc',
+              'secure_hash_default.cc',
+              'signature_creator_nss.cc',
+              'signature_verifier_nss.cc',
+              'symmetric_key_nss.cc',
+              'third_party/nss/blapi.h',
+              'third_party/nss/blapit.h',
+              'third_party/nss/sha256.h',
+              'third_party/nss/sha512.cc',
+            ],
+          }, {
+            'sources!': [
+              'encryptor_openssl.cc',
+              'hmac_openssl.cc',
+              'openssl_util.cc',
+              'openssl_util.h',
+              'rsa_private_key_openssl.cc',
+              'secure_hash_openssl.cc',
+              'signature_creator_openssl.cc',
+              'signature_verifier_openssl.cc',
+              'symmetric_key_openssl.cc',
+            ],
+        },],
+      ],
+      'sources': [
+        'capi_util.cc',
+        'capi_util.h',
+        'crypto_module_blocking_password_delegate.h',
+        'cssm_init.cc',
+        'cssm_init.h',
+        'encryptor.h',
+        'encryptor_mac.cc',
+        'encryptor_nss.cc',
+        'encryptor_openssl.cc',
+        'encryptor_win.cc',
+        'hmac.h',
+        'hmac_mac.cc',
+        'hmac_nss.cc',
+        'hmac_openssl.cc',
+        'hmac_win.cc',
+        'mac_security_services_lock.cc',
+        'mac_security_services_lock.h',
+        'openssl_util.cc',
+        'openssl_util.h',
+        'nss_util.cc',
+        'nss_util.h',
+        'nss_util_internal.h',
+        'rsa_private_key.h',
+        'rsa_private_key.cc',
+        'rsa_private_key_mac.cc',
+        'rsa_private_key_nss.cc',
+        'rsa_private_key_openssl.cc',
+        'rsa_private_key_win.cc',
+        'scoped_capi_types.h',
+        'scoped_nss_types.h',
+        'secure_hash.h',
+        'secure_hash_default.cc',
+        'secure_hash_openssl.cc',
+        'sha2.cc',
+        'sha2.h',
+        'signature_creator.h',
+        'signature_creator_mac.cc',
+        'signature_creator_nss.cc',
+        'signature_creator_openssl.cc',
+        'signature_creator_win.cc',
+        'signature_verifier.h',
+        'signature_verifier_mac.cc',
+        'signature_verifier_nss.cc',
+        'signature_verifier_openssl.cc',
+        'signature_verifier_win.cc',
+        'symmetric_key.h',
+        'symmetric_key_mac.cc',
+        'symmetric_key_nss.cc',
+        'symmetric_key_openssl.cc',
+        'symmetric_key_win.cc',
+        'third_party/nss/blapi.h',
+        'third_party/nss/blapit.h',
+        'third_party/nss/sha256.h',
+        'third_party/nss/sha512.cc',
+      ],
+    },
+    {
+      'target_name': 'crypto_unittests',
+      'type': 'executable',
+      'sources': [
+        # Infrastructure files.
+        'run_all_unittests.cc',
+
+        # Tests.
+        'encryptor_unittest.cc',
+        'hmac_unittest.cc',
+        'rsa_private_key_unittest.cc',
+        'rsa_private_key_nss_unittest.cc',
+        'secure_hash_unittest.cc',
+        'sha2_unittest.cc',
+        'signature_creator_unittest.cc',
+        'signature_verifier_unittest.cc',
+        'symmetric_key_unittest.cc',
+      ],
+      'dependencies': [
+        'crypto',
+        '../base/base.gyp:base',
+        '../base/base.gyp:test_support_base',
+        '../testing/gmock.gyp:gmock',
+        '../testing/gtest.gyp:gtest',
+      ],
+      'conditions': [
+        [ 'OS == "linux" or OS == "freebsd" or OS == "openbsd" or OS == "solaris"', {
+          'conditions': [
+            [ 'linux_use_tcmalloc==1', {
+                'dependencies': [
+                  '../base/allocator/allocator.gyp:allocator',
+                ],
+              },
+            ],
+          ],
+          'dependencies': [
+            '../build/linux/system.gyp:nss',
+          ],
+        }, {  # OS != "linux" and OS != "freebsd" and OS != "openbsd" and OS != "solaris"
+          'sources!': [
+            'rsa_private_key_nss_unittest.cc',
+          ]
+        }],
+        [ 'OS == "mac" or OS == "win"', {
+          'dependencies': [
+            '../third_party/nss/nss.gyp:nss',
+          ],
+        }],
+        [ 'use_openssl==1', {
+          'sources!': [
+            'rsa_private_key_nss_unittest.cc',
+          ],
+        }],
+      ],
+    },
+  ],
+}

crypto/crypto_module_blocking_password_delegate.h

@@ -2,13 +2,13 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_
+#ifndef CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_
-#define BASE_CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_
+#define CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_
 #pragma once
 
 #include <string>
 
-namespace base {
+namespace crypto {
 
 // PK11_SetPasswordFunc is a global setting.  An implementation of
 // CryptoModuleBlockingPasswordDelegate should be passed as the user data
@@ -29,6 +29,6 @@ class CryptoModuleBlockingPasswordDelegate {
                                       bool* cancelled) = 0;
 };
 
-}
+}  // namespace crypto
 
-#endif  // BASE_CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_
+#endif  // CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_

crypto/cssm_init.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/cssm_init.h"
+#include "crypto/cssm_init.h"
 
 #include <Security/SecBase.h>
 
@@ -155,7 +155,7 @@ class CSSMInitSingleton {
 
 }  // namespace
 
-namespace base {
+namespace crypto {
 
 void EnsureCSSMInit() {
   CSSMInitSingleton::GetInstance();
@@ -187,7 +187,7 @@ void LogCSSMError(const char* fn_name, CSSM_RETURN err) {
   base::mac::ScopedCFTypeRef<CFStringRef> cfstr(
       SecCopyErrorMessageString(err, NULL));
   LOG(ERROR) << fn_name << " returned " << err
-             << " (" << SysCFStringRefToUTF8(cfstr) << ")";
+             << " (" << base::SysCFStringRefToUTF8(cfstr) << ")";
 }
 
 ScopedCSSMData::ScopedCSSMData() {
@@ -201,4 +201,4 @@ ScopedCSSMData::~ScopedCSSMData() {
   }
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/cssm_init.h

@@ -1,16 +1,16 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_CRYPTO_CSSM_INIT_H_
+#ifndef CRYPTO_CSSM_INIT_H_
-#define BASE_CRYPTO_CSSM_INIT_H_
+#define CRYPTO_CSSM_INIT_H_
 #pragma once
 
 #include <Security/cssm.h>
 
 #include "base/basictypes.h"
 
-namespace base {
+namespace crypto {
 
 // Initialize CSSM if it isn't already initialized.  This must be called before
 // any other CSSM functions.  This function is thread-safe, and CSSM will only
@@ -55,6 +55,6 @@ class ScopedCSSMData {
   DISALLOW_COPY_AND_ASSIGN(ScopedCSSMData);
 };
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_CRYPTO_CSSM_INIT_H_
+#endif  // CRYPTO_CSSM_INIT_H_

crypto/encryptor.h

@@ -2,26 +2,25 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_CRYPTO_ENCRYPTOR_H_
+#ifndef CRYPTO_ENCRYPTOR_H_
-#define BASE_CRYPTO_ENCRYPTOR_H_
+#define CRYPTO_ENCRYPTOR_H_
 #pragma once
 
 #include <string>
 
-#include "base/base_api.h"
 #include "build/build_config.h"
 
 #if defined(USE_NSS)
-#include "base/crypto/scoped_nss_types.h"
+#include "crypto/scoped_nss_types.h"
 #elif defined(OS_WIN)
-#include "base/crypto/scoped_capi_types.h"
+#include "crypto/scoped_capi_types.h"
 #endif
 
-namespace base {
+namespace crypto {
 
 class SymmetricKey;
 
-class BASE_API Encryptor {
+class Encryptor {
  public:
   enum Mode {
     CBC
@@ -65,6 +64,6 @@ class BASE_API Encryptor {
 #endif
 };
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_CRYPTO_ENCRYPTOR_H_
+#endif  // CRYPTO_ENCRYPTOR_H_

crypto/encryptor_mac.cc

@@ -2,15 +2,15 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/encryptor.h"
+#include "crypto/encryptor.h"
 
 #include <CommonCrypto/CommonCryptor.h>
 
-#include "base/crypto/symmetric_key.h"
 #include "base/logging.h"
 #include "base/string_util.h"
+#include "crypto/symmetric_key.h"
 
-namespace base {
+namespace crypto {
 
 Encryptor::Encryptor()
     : key_(NULL),
@@ -73,4 +73,4 @@ bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) {
   return Crypt(kCCDecrypt, ciphertext, plaintext);
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/encryptor_nss.cc

@@ -2,16 +2,16 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/encryptor.h"
+#include "crypto/encryptor.h"
 
 #include <cryptohi.h>
 #include <vector>
 
-#include "base/crypto/symmetric_key.h"
 #include "base/logging.h"
-#include "base/nss_util.h"
+#include "crypto/nss_util.h"
+#include "crypto/symmetric_key.h"
 
-namespace base {
+namespace crypto {
 
 Encryptor::Encryptor()
     : key_(NULL),
@@ -122,4 +122,4 @@ bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) {
   return true;
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/encryptor_openssl.cc

@@ -2,17 +2,17 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/encryptor.h"
+#include "crypto/encryptor.h"
 
 #include <openssl/aes.h>
 #include <openssl/evp.h>
 
-#include "base/crypto/symmetric_key.h"
 #include "base/logging.h"
-#include "base/openssl_util.h"
 #include "base/string_util.h"
+#include "crypto/openssl_util.h"
+#include "crypto/symmetric_key.h"
 
-namespace base {
+namespace crypto {
 
 namespace {
 
@@ -124,4 +124,4 @@ bool Encryptor::Crypt(bool do_encrypt,
   return true;
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/encryptor_unittest.cc

@@ -2,25 +2,26 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/encryptor.h"
+#include "crypto/encryptor.h"
 
 #include <string>
 
-#include "base/crypto/symmetric_key.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/string_number_conversions.h"
+#include "crypto/symmetric_key.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 TEST(EncryptorTest, EncryptDecrypt) {
-  scoped_ptr<base::SymmetricKey> key(base::SymmetricKey::DeriveKeyFromPassword(
+  scoped_ptr<crypto::SymmetricKey> key(
-      base::SymmetricKey::AES, "password", "saltiest", 1000, 256));
+      crypto::SymmetricKey::DeriveKeyFromPassword(
+          crypto::SymmetricKey::AES, "password", "saltiest", 1000, 256));
   EXPECT_TRUE(NULL != key.get());
 
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
   // The IV must be exactly as long as the cipher block size.
   std::string iv("the iv: 16 bytes");
   EXPECT_EQ(16U, iv.size());
-  EXPECT_TRUE(encryptor.Init(key.get(), base::Encryptor::CBC, iv));
+  EXPECT_TRUE(encryptor.Init(key.get(), crypto::Encryptor::CBC, iv));
 
   std::string plaintext("this is the plaintext");
   std::string ciphertext;
@@ -86,15 +87,15 @@ TEST(EncryptorTest, EncryptAES256CBC) {
   };
 
   std::string key(reinterpret_cast<const char*>(raw_key), sizeof(raw_key));
-  scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import(
+  scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import(
-      base::SymmetricKey::AES, key));
+      crypto::SymmetricKey::AES, key));
   ASSERT_TRUE(NULL != sym_key.get());
 
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
   // The IV must be exactly as long a the cipher block size.
   std::string iv(reinterpret_cast<const char*>(raw_iv), sizeof(raw_iv));
   EXPECT_EQ(16U, iv.size());
-  EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv));
+  EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
 
   std::string plaintext(reinterpret_cast<const char*>(raw_plaintext),
                         sizeof(raw_plaintext));
@@ -119,14 +120,14 @@ TEST(EncryptorTest, EncryptAES128CBCRegression) {
       "D4A67A0BA33C30F207344D81D1E944BBE65587C3D7D9939A"
       "C070C62B9C15A3EA312EA4AD1BC7929F4D3C16B03AD5ADA8";
 
-  scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import(
+  scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import(
-      base::SymmetricKey::AES, key));
+      crypto::SymmetricKey::AES, key));
   ASSERT_TRUE(NULL != sym_key.get());
 
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
   // The IV must be exactly as long a the cipher block size.
   EXPECT_EQ(16U, iv.size());
-  EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv));
+  EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
 
   std::string ciphertext;
   EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
@@ -145,14 +146,14 @@ TEST(EncryptorTest, EncryptAES192CBCRegression) {
   std::string plaintext = "Small text";
   std::string expected_ciphertext_hex = "78DE5D7C2714FC5C61346C5416F6C89A";
 
-  scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import(
+  scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import(
-      base::SymmetricKey::AES, key));
+      crypto::SymmetricKey::AES, key));
   ASSERT_TRUE(NULL != sym_key.get());
 
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
   // The IV must be exactly as long a the cipher block size.
   EXPECT_EQ(16U, iv.size());
-  EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv));
+  EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
 
   std::string ciphertext;
   EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
@@ -170,26 +171,26 @@ TEST(EncryptorTest, EncryptAES192CBCRegression) {
 TEST(EncryptorTest, UnsupportedKeySize) {
   std::string key = "7 = bad";
   std::string iv = "Sweet Sixteen IV";
-  scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import(
+  scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import(
-      base::SymmetricKey::AES, key));
+      crypto::SymmetricKey::AES, key));
   ASSERT_TRUE(NULL != sym_key.get());
 
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
   // The IV must be exactly as long a the cipher block size.
   EXPECT_EQ(16U, iv.size());
-  EXPECT_FALSE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv));
+  EXPECT_FALSE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
 }
 #endif  // unsupported platforms.
 
 TEST(EncryptorTest, UnsupportedIV) {
   std::string key = "128=SixteenBytes";
   std::string iv = "OnlyForteen :(";
-  scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import(
+  scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import(
-      base::SymmetricKey::AES, key));
+      crypto::SymmetricKey::AES, key));
   ASSERT_TRUE(NULL != sym_key.get());
 
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
-  EXPECT_FALSE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv));
+  EXPECT_FALSE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
 }
 
 TEST(EncryptorTest, EmptyEncrypt) {
@@ -198,14 +199,14 @@ TEST(EncryptorTest, EmptyEncrypt) {
   std::string plaintext;
   std::string expected_ciphertext_hex = "8518B8878D34E7185E300D0FCC426396";
 
-  scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import(
+  scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import(
-      base::SymmetricKey::AES, key));
+      crypto::SymmetricKey::AES, key));
   ASSERT_TRUE(NULL != sym_key.get());
 
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
   // The IV must be exactly as long a the cipher block size.
   EXPECT_EQ(16U, iv.size());
-  EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv));
+  EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
 
   std::string ciphertext;
   EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
@@ -217,14 +218,14 @@ TEST(EncryptorTest, EmptyDecrypt) {
   std::string key = "128=SixteenBytes";
   std::string iv = "Sweet Sixteen IV";
 
-  scoped_ptr<base::SymmetricKey> sym_key(base::SymmetricKey::Import(
+  scoped_ptr<crypto::SymmetricKey> sym_key(crypto::SymmetricKey::Import(
-      base::SymmetricKey::AES, key));
+      crypto::SymmetricKey::AES, key));
   ASSERT_TRUE(NULL != sym_key.get());
 
-  base::Encryptor encryptor;
+  crypto::Encryptor encryptor;
   // The IV must be exactly as long a the cipher block size.
   EXPECT_EQ(16U, iv.size());
-  EXPECT_TRUE(encryptor.Init(sym_key.get(), base::Encryptor::CBC, iv));
+  EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
 
   std::string decrypted;
   EXPECT_FALSE(encryptor.Decrypt("", &decrypted));

crypto/encryptor_win.cc

@@ -2,13 +2,13 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/encryptor.h"
+#include "crypto/encryptor.h"
 
 #include <vector>
 
-#include "base/crypto/symmetric_key.h"
+#include "crypto/symmetric_key.h"
 
-namespace base {
+namespace crypto {
 
 namespace {
 
@@ -112,4 +112,4 @@ bool Encryptor::Decrypt(const std::string& ciphertext, std::string* plaintext) {
   return true;
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/hmac.h

@@ -5,22 +5,21 @@
 // Utility class for calculating the HMAC for a given message. We currently
 // only support SHA1 for the hash algorithm, but this can be extended easily.
 
-#ifndef BASE_HMAC_H_
+#ifndef CRYPTO_HMAC_H_
-#define BASE_HMAC_H_
+#define CRYPTO_HMAC_H_
 #pragma once
 
 #include <string>
 
-#include "base/base_api.h"
 #include "base/basictypes.h"
 #include "base/memory/scoped_ptr.h"
 
-namespace base {
+namespace crypto {
 
 // Simplify the interface and reduce includes by abstracting out the internals.
 struct HMACPlatformData;
 
-class BASE_API HMAC {
+class HMAC {
  public:
   // The set of supported hash functions. Extend as required.
   enum HashAlgorithm {
@@ -56,6 +55,6 @@ class BASE_API HMAC {
   DISALLOW_COPY_AND_ASSIGN(HMAC);
 };
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_HMAC_H_
+#endif  // CRYPTO_HMAC_H_

crypto/hmac_mac.cc

@@ -1,14 +1,14 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/hmac.h"
+#include "crypto/hmac.h"
 
 #include <CommonCrypto/CommonHMAC.h>
 
 #include "base/logging.h"
 
-namespace base {
+namespace crypto {
 
 struct HMACPlatformData {
   std::string key_;
@@ -70,4 +70,4 @@ bool HMAC::Sign(const std::string& data,
   return true;
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/hmac_nss.cc

@@ -2,17 +2,17 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/hmac.h"
+#include "crypto/hmac.h"
 
 #include <nss.h>
 #include <pk11pub.h>
 
-#include "base/crypto/scoped_nss_types.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
-#include "base/nss_util.h"
+#include "crypto/nss_util.h"
+#include "crypto/scoped_nss_types.h"
 
-namespace base {
+namespace crypto {
 
 struct HMACPlatformData {
   CK_MECHANISM_TYPE mechanism_;
@@ -40,7 +40,7 @@ HMAC::~HMAC() {
 }
 
 bool HMAC::Init(const unsigned char *key, int key_length) {
-  base::EnsureNSSInit();
+  EnsureNSSInit();
 
   if (plat_->slot_.get()) {
     // Init must not be called more than twice on the same HMAC object.
@@ -114,4 +114,4 @@ bool HMAC::Sign(const std::string& data,
   return true;
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/hmac_openssl.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/hmac.h"
+#include "crypto/hmac.h"
 
 #include <openssl/hmac.h>
 
@@ -11,10 +11,10 @@
 
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
-#include "base/openssl_util.h"
 #include "base/stl_util-inl.h"
+#include "crypto/openssl_util.h"
 
-namespace base {
+namespace crypto {
 
 struct HMACPlatformData {
   std::vector<unsigned char> key;
@@ -54,4 +54,4 @@ bool HMAC::Sign(const std::string& data,
                 result.safe_buffer(), NULL);
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/hmac_unittest.cc

@@ -1,10 +1,10 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 
-#include "base/hmac.h"
+#include "crypto/hmac.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 static const int kSHA1DigestSize = 20;
@@ -52,7 +52,7 @@ TEST(HMACTest, HmacSafeBrowsingResponseTest) {
 
   std::string message_data(kMessage);
 
-  base::HMAC hmac(base::HMAC::SHA1);
+  crypto::HMAC hmac(crypto::HMAC::SHA1);
   ASSERT_TRUE(hmac.Init(kClientKey, kKeySize));
   unsigned char calculated_hmac[kSHA1DigestSize];
 
@@ -121,7 +121,7 @@ TEST(HMACTest, RFC2202TestCases) {
   };
 
   for (size_t i = 0; i < ARRAYSIZE_UNSAFE(cases); ++i) {
-    base::HMAC hmac(base::HMAC::SHA1);
+    crypto::HMAC hmac(crypto::HMAC::SHA1);
     ASSERT_TRUE(hmac.Init(reinterpret_cast<const unsigned char*>(cases[i].key),
                           cases[i].key_len));
     std::string data_string(cases[i].data, cases[i].data_len);
@@ -147,7 +147,7 @@ TEST(HMACTest, RFC4231TestCase6) {
     0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54
   };
 
-  base::HMAC hmac(base::HMAC::SHA256);
+  crypto::HMAC hmac(crypto::HMAC::SHA256);
   ASSERT_TRUE(hmac.Init(key, sizeof(key)));
   unsigned char calculated_hmac[kSHA256DigestSize];
 
@@ -187,14 +187,14 @@ TEST(HMACTest, NSSFIPSPowerUpSelfTest) {
 
   std::string message_data(kKnownMessage);
 
-  base::HMAC hmac(base::HMAC::SHA1);
+  crypto::HMAC hmac(crypto::HMAC::SHA1);
   ASSERT_TRUE(hmac.Init(kKnownSecretKey, kKnownSecretKeySize));
   unsigned char calculated_hmac[kSHA1DigestSize];
 
   EXPECT_TRUE(hmac.Sign(message_data, calculated_hmac, kSHA1DigestSize));
   EXPECT_EQ(0, memcmp(kKnownHMACSHA1, calculated_hmac, kSHA1DigestSize));
 
-  base::HMAC hmac2(base::HMAC::SHA256);
+  crypto::HMAC hmac2(crypto::HMAC::SHA256);
   ASSERT_TRUE(hmac2.Init(kKnownSecretKey, kKnownSecretKeySize));
   unsigned char calculated_hmac2[kSHA256DigestSize];
 
@@ -225,7 +225,7 @@ TEST(HMACTest, HMACObjectReuse) {
           "\xBB\xFF\x1A\x91" }
   };
 
-  base::HMAC hmac(base::HMAC::SHA1);
+  crypto::HMAC hmac(crypto::HMAC::SHA1);
   ASSERT_TRUE(hmac.Init(reinterpret_cast<const unsigned char*>(key), key_len));
   for (size_t i = 0; i < ARRAYSIZE_UNSAFE(cases); ++i) {
     std::string data_string(cases[i].data, cases[i].data_len);

crypto/hmac_win.cc

@@ -1,8 +1,8 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/hmac.h"
+#include "crypto/hmac.h"
 
 #include <windows.h>
 #include <wincrypt.h>
@@ -10,12 +10,12 @@
 #include <algorithm>
 #include <vector>
 
-#include "base/crypto/scoped_capi_types.h"
 #include "base/logging.h"
-#include "base/third_party/nss/blapi.h"
+#include "crypto/scoped_capi_types.h"
-#include "base/third_party/nss/sha256.h"
+#include "crypto/third_party/nss/blapi.h"
+#include "crypto/third_party/nss/sha256.h"
 
-namespace base {
+namespace crypto {
 
 namespace {
 
@@ -194,4 +194,4 @@ bool HMAC::Sign(const std::string& data,
   return !!CryptGetHashParam(hash, HP_HASHVAL, digest, &sha1_size, 0);
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/mac_security_services_lock.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/mac_security_services_lock.h"
+#include "crypto/mac_security_services_lock.h"
 
 #include "base/memory/singleton.h"
 #include "base/synchronization/lock.h"
@@ -33,10 +33,10 @@ class SecurityServicesSingleton {
 
 }  // namespace
 
-namespace base {
+namespace crypto {
 
 base::Lock& GetMacSecurityServicesLock() {
   return SecurityServicesSingleton::GetInstance()->lock();
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/mac_security_services_lock.h

@@ -2,21 +2,24 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_
+#ifndef CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_
-#define BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_
+#define CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_
 #pragma once
 
 namespace base {
-
 class Lock;
+}
+
+
+namespace crypto {
 
 // The Mac OS X certificate and key management wrappers over CSSM are not
 // thread-safe. In particular, code that accesses the CSSM database is
 // problematic.
 //
 // http://developer.apple.com/mac/library/documentation/Security/Reference/certifkeytrustservices/Reference/reference.html
-Lock& GetMacSecurityServicesLock();
+base::Lock& GetMacSecurityServicesLock();
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_
+#endif  // CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_

crypto/nss_util.cc

@@ -2,15 +2,15 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/nss_util.h"
+#include "crypto/nss_util.h"
-#include "base/nss_util_internal.h"
+#include "crypto/nss_util_internal.h"
 
 #include <nss.h>
-#include <pk11pub.h>
 #include <plarena.h>
 #include <prerror.h>
 #include <prinit.h>
 #include <prtime.h>
+#include <pk11pub.h>
 #include <secmod.h>
 
 #if defined(OS_LINUX)
@@ -20,7 +20,6 @@
 
 #include <vector>
 
-#include "base/crypto/scoped_nss_types.h"
 #include "base/environment.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
@@ -30,17 +29,18 @@
 #include "base/native_library.h"
 #include "base/stringprintf.h"
 #include "base/threading/thread_restrictions.h"
+#include "crypto/scoped_nss_types.h"
 
 // USE_NSS means we use NSS for everything crypto-related.  If USE_NSS is not
 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't
 // use NSS for crypto or certificate verification, and we don't use the NSS
 // certificate and key databases.
 #if defined(USE_NSS)
-#include "base/crypto/crypto_module_blocking_password_delegate.h"
 #include "base/synchronization/lock.h"
+#include "crypto/crypto_module_blocking_password_delegate.h"
 #endif  // defined(USE_NSS)
 
-namespace base {
+namespace crypto {
 
 namespace {
 
@@ -110,11 +110,11 @@ char* PKCS11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) {
 #if defined(OS_CHROMEOS)
   // If we get asked for a password for the TPM, then return the
   // static password we use.
-  if (PK11_GetTokenName(slot) == base::GetTPMTokenName())
+  if (PK11_GetTokenName(slot) == crypto::GetTPMTokenName())
     return PORT_Strdup(GetTPMUserPIN().c_str());
 #endif
-  base::CryptoModuleBlockingPasswordDelegate* delegate =
+  crypto::CryptoModuleBlockingPasswordDelegate* delegate =
-      reinterpret_cast<base::CryptoModuleBlockingPasswordDelegate*>(arg);
+      reinterpret_cast<crypto::CryptoModuleBlockingPasswordDelegate*>(arg);
   if (delegate) {
     bool cancelled = false;
     std::string password = delegate->RequestPassword(PK11_GetTokenName(slot),
@@ -147,7 +147,7 @@ void UseLocalCacheOfNSSDatabaseIfNFS(const FilePath& database_dir) {
   struct statfs buf;
   if (statfs(database_dir.value().c_str(), &buf) == 0) {
     if (buf.f_type == NFS_SUPER_MAGIC) {
-      scoped_ptr<Environment> env(Environment::Create());
+      scoped_ptr<base::Environment> env(base::Environment::Create());
       const char* use_cache_env_var = "NSS_SDB_USE_CACHE";
       if (!env->HasVar(use_cache_env_var))
         env->SetVar(use_cache_env_var, "yes");
@@ -196,7 +196,7 @@ PK11SlotInfo* FindSlotWithTokenName(const std::string& token_name) {
 // singleton.
 class NSPRInitSingleton {
  private:
-  friend struct DefaultLazyInstanceTraits<NSPRInitSingleton>;
+  friend struct base::DefaultLazyInstanceTraits<NSPRInitSingleton>;
 
   NSPRInitSingleton() {
     PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
@@ -214,8 +214,9 @@ class NSPRInitSingleton {
   }
 };
 
-LazyInstance<NSPRInitSingleton, LeakyLazyInstanceTraits<NSPRInitSingleton> >
+base::LazyInstance<NSPRInitSingleton,
-    g_nspr_singleton(LINKER_INITIALIZED);
+                   base::LeakyLazyInstanceTraits<NSPRInitSingleton> >
+    g_nspr_singleton(base::LINKER_INITIALIZED);
 
 class NSSInitSingleton {
  public:
@@ -224,7 +225,7 @@ class NSSInitSingleton {
     if (!chromeos_user_logged_in_) {
       // GetDefaultConfigDirectory causes us to do blocking IO on UI thread.
       // Temporarily allow it until we fix http://crbug.com/70119
-      ThreadRestrictions::ScopedAllowIO allow_io;
+      base::ThreadRestrictions::ScopedAllowIO allow_io;
       chromeos_user_logged_in_ = true;
 
       // This creates another DB slot in NSS that is read/write, unlike
@@ -321,7 +322,7 @@ class NSSInitSingleton {
   }
 
 #if defined(USE_NSS)
-  Lock* write_lock() {
+  base::Lock* write_lock() {
     return &write_lock_;
   }
 #endif  // defined(USE_NSS)
@@ -333,7 +334,7 @@ class NSSInitSingleton {
   }
 
  private:
-  friend struct DefaultLazyInstanceTraits<NSSInitSingleton>;
+  friend struct base::DefaultLazyInstanceTraits<NSSInitSingleton>;
 
   NSSInitSingleton()
       : opencryptoki_module_(NULL),
@@ -503,7 +504,7 @@ class NSSInitSingleton {
 
 #if defined(OS_CHROMEOS)
   void EnsureTPMInit() {
-    base::ScopedPK11Slot tpm_slot(GetTPMSlot());
+    crypto::ScopedPK11Slot tpm_slot(GetTPMSlot());
     if (tpm_slot.get()) {
       // TODO(gspencer): Remove this in favor of the dbus API for
       // cryptohomed when that is available.
@@ -545,15 +546,16 @@ class NSSInitSingleton {
 #if defined(USE_NSS)
   // TODO(davidben): When https://bugzilla.mozilla.org/show_bug.cgi?id=564011
   // is fixed, we will no longer need the lock.
-  Lock write_lock_;
+  base::Lock write_lock_;
 #endif  // defined(USE_NSS)
 };
 
 // static
 bool NSSInitSingleton::force_nodb_init_ = false;
 
-LazyInstance<NSSInitSingleton, LeakyLazyInstanceTraits<NSSInitSingleton> >
+base::LazyInstance<NSSInitSingleton,
-    g_nss_singleton(LINKER_INITIALIZED);
+                   base::LeakyLazyInstanceTraits<NSSInitSingleton> >
+    g_nss_singleton(base::LINKER_INITIALIZED);
 
 }  // namespace
 
@@ -573,7 +575,7 @@ void EnsureNSSInit() {
   // Initializing SSL causes us to do blocking IO.
   // Temporarily allow it until we fix
   //   http://code.google.com/p/chromium/issues/detail?id=59847
-  ThreadRestrictions::ScopedAllowIO allow_io;
+  base::ThreadRestrictions::ScopedAllowIO allow_io;
   g_nss_singleton.Get();
 }
 
@@ -582,7 +584,7 @@ void ForceNSSNoDBInit() {
 }
 
 void DisableNSSForkCheck() {
-  scoped_ptr<Environment> env(Environment::Create());
+  scoped_ptr<base::Environment> env(base::Environment::Create());
   env->SetVar("NSS_STRICT_NOFORK", "DISABLED");
 }
 
@@ -609,7 +611,7 @@ void LoadNSSLibraries() {
   for (size_t i = 0; i < libs.size(); ++i) {
     for (size_t j = 0; j < paths.size(); ++j) {
       FilePath path = paths[j].Append(libs[i]);
-      NativeLibrary lib = base::LoadNativeLibrary(path);
+      base::NativeLibrary lib = base::LoadNativeLibrary(path);
       if (lib) {
         ++loaded;
         break;
@@ -638,7 +640,7 @@ void CloseTestNSSDB() {
   g_nss_singleton.Get().CloseTestNSSDB();
 }
 
-Lock* GetNSSWriteLock() {
+base::Lock* GetNSSWriteLock() {
   return g_nss_singleton.Get().write_lock();
 }
 
@@ -676,11 +678,11 @@ std::string GetTPMUserPIN() {
 
 // TODO(port): Implement this more simply.  We can convert by subtracting an
 // offset (the difference between NSPR's and base::Time's epochs).
-Time PRTimeToBaseTime(PRTime prtime) {
+base::Time PRTimeToBaseTime(PRTime prtime) {
   PRExplodedTime prxtime;
   PR_ExplodeTime(prtime, PR_GMTParameters, &prxtime);
 
-  Time::Exploded exploded;
+  base::Time::Exploded exploded;
   exploded.year         = prxtime.tm_year;
   exploded.month        = prxtime.tm_month + 1;
   exploded.day_of_week  = prxtime.tm_wday;
@@ -690,7 +692,7 @@ Time PRTimeToBaseTime(PRTime prtime) {
   exploded.second       = prxtime.tm_sec;
   exploded.millisecond  = prxtime.tm_usec / 1000;
 
-  return Time::FromUTCExploded(exploded);
+  return base::Time::FromUTCExploded(exploded);
 }
 
 PK11SlotInfo* GetPublicNSSKeySlot() {
@@ -701,4 +703,4 @@ PK11SlotInfo* GetPrivateNSSKeySlot() {
   return g_nss_singleton.Get().GetPrivateNSSKeySlot();
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/nss_util.h

@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_NSS_UTIL_H_
+#ifndef CRYPTO_NSS_UTIL_H_
-#define BASE_NSS_UTIL_H_
+#define CRYPTO_NSS_UTIL_H_
 #pragma once
 
 #include <string>
@@ -13,13 +13,15 @@
 class FilePath;
 #endif  // defined(USE_NSS)
 
+namespace base {
+class Lock;
+class Time;
+}  // namespace base
+
 // This file specifically doesn't depend on any NSS or NSPR headers because it
 // is included by various (non-crypto) parts of chrome to call the
 // initialization functions.
-namespace base {
+namespace crypto {
-
-class Lock;
-class Time;
 
 #if defined(USE_NSS)
 // EarlySetupForNSSInit performs lightweight setup which must occur before the
@@ -29,13 +31,12 @@ void EarlySetupForNSSInit();
 #endif
 
 // Initialize NRPR if it isn't already initialized.  This function is
-// thread-safe, and NSPR will only ever be initialized once.  NSPR will be
+// thread-safe, and NSPR will only ever be initialized once.
-// properly shut down on program exit.
 void EnsureNSPRInit();
 
 // Initialize NSS if it isn't already initialized.  This must be called before
 // any other NSS functions.  This function is thread-safe, and NSS will only
-// ever be initialized once.  NSS will be properly shut down on program exit.
+// ever be initialized once.
 void EnsureNSSInit();
 
 // Call this before calling EnsureNSSInit() will force NSS to initialize
@@ -100,7 +101,7 @@ std::string GetTPMUserPIN();
 
 // Convert a NSS PRTime value into a base::Time object.
 // We use a int64 instead of PRTime here to avoid depending on NSPR headers.
-Time PRTimeToBaseTime(int64 prtime);
+base::Time PRTimeToBaseTime(int64 prtime);
 
 #if defined(USE_NSS)
 // Exposed for unittests only.  |path| should be an existing directory under
@@ -117,7 +118,7 @@ void CloseTestNSSDB();
 // it to return NULL in the future.
 //
 // See https://bugzilla.mozilla.org/show_bug.cgi?id=564011
-Lock* GetNSSWriteLock();
+base::Lock* GetNSSWriteLock();
 
 // A helper class that acquires the NSS write Lock while the AutoNSSWriteLock
 // is in scope.
@@ -126,12 +127,12 @@ class AutoNSSWriteLock {
   AutoNSSWriteLock();
   ~AutoNSSWriteLock();
  private:
-  Lock *lock_;
+  base::Lock *lock_;
   DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock);
 };
 
 #endif  // defined(USE_NSS)
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_NSS_UTIL_H_
+#endif  // CRYPTO_NSS_UTIL_H_

crypto/nss_util_internal.h

@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_NSS_SLOT_UTIL_H_
+#ifndef CRYPTO_NSS_UTIL_INTERNAL_H_
-#define BASE_NSS_SLOT_UTIL_H_
+#define CRYPTO_NSS_UTIL_INTERNAL_H_
 #pragma once
 
 #include <secmodt.h>
@@ -11,7 +11,7 @@
 // These functions return a type defined in an NSS header, and so cannot be
 // declared in nss_util.h.  Hence, they are declared here.
 
-namespace base {
+namespace crypto {
 
 // Returns a reference to the default NSS key slot for storing
 // public-key data only (e.g. server certs). Caller must release
@@ -25,6 +25,6 @@ PK11SlotInfo* GetPublicNSSKeySlot();
 // PK11_FreeSlot.
 PK11SlotInfo* GetPrivateNSSKeySlot();
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_NSS_UTIL_H_
+#endif  // CRYPTO_NSS_UTIL_INTERNAL_H_

crypto/openssl_util.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/openssl_util.h"
+#include "crypto/openssl_util.h"
 
 #include <openssl/err.h>
 #include <openssl/ssl.h>
@@ -13,12 +13,12 @@
 #include "base/string_piece.h"
 #include "base/synchronization/lock.h"
 
-namespace base {
+namespace crypto {
 
 namespace {
 
 unsigned long CurrentThreadId() {
-  return static_cast<unsigned long>(PlatformThread::CurrentId());
+  return static_cast<unsigned long>(base::PlatformThread::CurrentId());
 }
 
 // Singleton for initializing and cleaning up the OpenSSL library.
@@ -34,8 +34,8 @@ class OpenSSLInitSingleton {
     //      we can't control the order the AtExit handlers will run in so
     //      allowing the global environment to leak at least ensures it is
     //      available for those other singletons to reliably cleanup.
-    return Singleton<OpenSSLInitSingleton,
+    return base::Singleton<OpenSSLInitSingleton,
-                     LeakySingletonTraits<OpenSSLInitSingleton> >::get();
+               base::LeakySingletonTraits<OpenSSLInitSingleton> >::get();
   }
  private:
   friend struct DefaultSingletonTraits<OpenSSLInitSingleton>;
@@ -110,4 +110,4 @@ void ClearOpenSSLERRStack(const tracked_objects::Location& location) {
   }
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/openssl_util.h

@@ -1,15 +1,15 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_OPENSSL_UTIL_H_
+#ifndef CRYPTO_OPENSSL_UTIL_H_
-#define BASE_OPENSSL_UTIL_H_
+#define CRYPTO_OPENSSL_UTIL_H_
 #pragma once
 
 #include "base/basictypes.h"
 #include "base/tracked.h"
 
-namespace base {
+namespace crypto {
 
 // A helper class that takes care of destroying OpenSSL objects when it goes out
 // of scope.
@@ -108,6 +108,6 @@ class OpenSSLErrStackTracer {
   DISALLOW_IMPLICIT_CONSTRUCTORS(OpenSSLErrStackTracer);
 };
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_OPENSSL_UTIL_H_
+#endif  // CRYPTO_OPENSSL_UTIL_H_

crypto/rsa_private_key.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/rsa_private_key.h"
+#include "crypto/rsa_private_key.h"
 
 #include <algorithm>
 #include <list>
@@ -42,7 +42,7 @@ namespace {
   }
 }  // namespace
 
-namespace base {
+namespace crypto {
 
 const uint8 PrivateKeyInfoCodec::kRsaAlgorithmIdentifier[] = {
   0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
@@ -387,4 +387,4 @@ bool PrivateKeyInfoCodec::ReadVersion(uint8** pos, uint8* end) {
   return true;
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/rsa_private_key.h

@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_CRYPTO_RSA_PRIVATE_KEY_H_
+#ifndef CRYPTO_RSA_PRIVATE_KEY_H_
-#define BASE_CRYPTO_RSA_PRIVATE_KEY_H_
+#define CRYPTO_RSA_PRIVATE_KEY_H_
 #pragma once
 
 #include "build/build_config.h"
@@ -22,21 +22,20 @@ struct SECKEYPublicKeyStr;
 #include <list>
 #include <vector>
 
-#include "base/base_api.h"
 #include "base/basictypes.h"
 
 #if defined(OS_WIN)
-#include "base/crypto/scoped_capi_types.h"
+#include "crypto/scoped_capi_types.h"
 #endif
 #if defined(USE_NSS)
 #include "base/gtest_prod_util.h"
 #endif
 
-namespace base {
+namespace crypto {
 
 // Used internally by RSAPrivateKey for serializing and deserializing
 // PKCS #8 PrivateKeyInfo and PublicKeyInfo.
-class BASE_API PrivateKeyInfoCodec {
+class PrivateKeyInfoCodec {
  public:
 
   // ASN.1 encoding of the AlgorithmIdentifier from PKCS #8.
@@ -171,7 +170,7 @@ class BASE_API PrivateKeyInfoCodec {
 // Encapsulates an RSA private key. Can be used to generate new keys, export
 // keys to other formats, or to extract a public key.
 // TODO(hclam): This class should be ref-counted so it can be reused easily.
-class BASE_API RSAPrivateKey {
+class RSAPrivateKey {
  public:
   ~RSAPrivateKey();
 
@@ -269,6 +268,6 @@ class BASE_API RSAPrivateKey {
   DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey);
 };
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_CRYPTO_RSA_PRIVATE_KEY_H_
+#endif  // CRYPTO_RSA_PRIVATE_KEY_H_

crypto/rsa_private_key_mac.cc

@@ -2,15 +2,15 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/rsa_private_key.h"
+#include "crypto/rsa_private_key.h"
 
 #include <list>
 
-#include "base/crypto/cssm_init.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
+#include "crypto/cssm_init.h"
 
-namespace base {
+namespace crypto {
 
 // static
 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) {
@@ -133,8 +133,8 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
   public_key->KeyHeader.KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
   public_key->KeyHeader.KeyUsage = CSSM_KEYUSE_ANY;
 
-  crtn = CSSM_QueryKeySizeInBits(
+  crtn = CSSM_QueryKeySizeInBits(GetSharedCSPHandle(), NULL, public_key,
-      base::GetSharedCSPHandle(), NULL, public_key, &key_size);
+                                 &key_size);
   if (crtn) {
     DLOG(ERROR) << "CSSM_QueryKeySizeInBits failed " << crtn;
     return NULL;
@@ -193,4 +193,4 @@ bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) {
           private_key_info.ExportPublicKeyInfo(output));
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/rsa_private_key_nss.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/rsa_private_key.h"
+#include "crypto/rsa_private_key.h"
 
 #include <cryptohi.h>
 #include <keyhi.h>
@@ -13,9 +13,9 @@
 #include "base/debug/leak_annotations.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
-#include "base/nss_util.h"
-#include "base/nss_util_internal.h"
 #include "base/string_util.h"
+#include "crypto/nss_util.h"
+#include "crypto/nss_util_internal.h"
 
 // TODO(rafaelw): Consider refactoring common functions and definitions from
 // rsa_private_key_win.cc or using NSS's ASN.1 encoder.
@@ -39,7 +39,7 @@ static bool ReadAttribute(SECKEYPrivateKey* key,
 
 }  // namespace
 
-namespace base {
+namespace crypto {
 
 RSAPrivateKey::~RSAPrivateKey() {
   if (key_)
@@ -81,7 +81,7 @@ RSAPrivateKey* RSAPrivateKey::CreateSensitiveFromPrivateKeyInfo(
 // static
 RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo(
     const std::vector<uint8>& input) {
-  base::EnsureNSSInit();
+  EnsureNSSInit();
 
   scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
 
@@ -186,7 +186,7 @@ RSAPrivateKey::RSAPrivateKey() : key_(NULL), public_key_(NULL) {
 RSAPrivateKey* RSAPrivateKey::CreateWithParams(uint16 num_bits,
                                                bool permanent,
                                                bool sensitive) {
-  base::EnsureNSSInit();
+  EnsureNSSInit();
 
   scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
 
@@ -212,7 +212,7 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams(
   // This method currently leaks some memory.
   // See http://crbug.com/34742.
   ANNOTATE_SCOPED_MEMORY_LEAK;
-  base::EnsureNSSInit();
+  EnsureNSSInit();
 
   scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
 
@@ -245,4 +245,4 @@ RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfoWithParams(
   return result.release();
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/rsa_private_key_nss_unittest.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/rsa_private_key.h"
+#include "crypto/rsa_private_key.h"
 
 #include <keyhi.h>
 #include <pk11pub.h>
@@ -11,7 +11,7 @@
 #include "base/nss_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
-namespace base {
+namespace crypto {
 
 class RSAPrivateKeyNSSTest : public testing::Test {
  public:
@@ -20,7 +20,7 @@ class RSAPrivateKeyNSSTest : public testing::Test {
 
   virtual void SetUp() {
 #if defined(OS_CHROMEOS)
-    base::OpenPersistentNSSDB();
+    OpenPersistentNSSDB();
 #endif
   }
 
@@ -30,20 +30,20 @@ class RSAPrivateKeyNSSTest : public testing::Test {
 
 TEST_F(RSAPrivateKeyNSSTest, FindFromPublicKey) {
   // Create a keypair, which will put the keys in the user's NSSDB.
-  scoped_ptr<base::RSAPrivateKey> key_pair(base::RSAPrivateKey::Create(256));
+  scoped_ptr<crypto::RSAPrivateKey> key_pair(RSAPrivateKey::Create(256));
 
   std::vector<uint8> public_key;
   ASSERT_TRUE(key_pair->ExportPublicKey(&public_key));
 
-  scoped_ptr<base::RSAPrivateKey> key_pair_2(
+  scoped_ptr<crypto::RSAPrivateKey> key_pair_2(
-      base::RSAPrivateKey::FindFromPublicKeyInfo(public_key));
+      crypto::RSAPrivateKey::FindFromPublicKeyInfo(public_key));
 
   EXPECT_EQ(key_pair->key_->pkcs11ID, key_pair_2->key_->pkcs11ID);
 }
 
 TEST_F(RSAPrivateKeyNSSTest, FailedFindFromPublicKey) {
   // Create a keypair, which will put the keys in the user's NSSDB.
-  scoped_ptr<base::RSAPrivateKey> key_pair(base::RSAPrivateKey::Create(256));
+  scoped_ptr<crypto::RSAPrivateKey> key_pair(RSAPrivateKey::Create(256));
 
   std::vector<uint8> public_key;
   ASSERT_TRUE(key_pair->ExportPublicKey(&public_key));
@@ -58,7 +58,7 @@ TEST_F(RSAPrivateKeyNSSTest, FailedFindFromPublicKey) {
                             key_pair->public_key_->pkcs11ID);
   }
 
-  EXPECT_EQ(NULL, base::RSAPrivateKey::FindFromPublicKeyInfo(public_key));
+  EXPECT_EQ(NULL, crypto::RSAPrivateKey::FindFromPublicKeyInfo(public_key));
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/rsa_private_key_openssl.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/rsa_private_key.h"
+#include "crypto/rsa_private_key.h"
 
 #include <openssl/evp.h>
 #include <openssl/pkcs12.h>
@@ -10,10 +10,10 @@
 
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
-#include "base/openssl_util.h"
 #include "base/stl_util-inl.h"
+#include "crypto/openssl_util.h"
 
-namespace base {
+namespace crypto {
 
 namespace {
 
@@ -132,4 +132,4 @@ bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) {
   return ExportKey(key_, i2d_PUBKEY_bio, output);
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/rsa_private_key_unittest.cc

@@ -2,15 +2,18 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/rsa_private_key.h"
+#include "crypto/rsa_private_key.h"
+
 #include "base/memory/scoped_ptr.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 // Generate random private keys with two different sizes. Reimport, then
 // export them again. We should get back the same exact bytes.
 TEST(RSAPrivateKeyUnitTest, InitRandomTest) {
-  scoped_ptr<base::RSAPrivateKey> keypair1(base::RSAPrivateKey::Create(1024));
+  scoped_ptr<crypto::RSAPrivateKey> keypair1(
-  scoped_ptr<base::RSAPrivateKey> keypair2(base::RSAPrivateKey::Create(2048));
+      crypto::RSAPrivateKey::Create(1024));
+  scoped_ptr<crypto::RSAPrivateKey> keypair2(
+      crypto::RSAPrivateKey::Create(2048));
   ASSERT_TRUE(keypair1.get());
   ASSERT_TRUE(keypair2.get());
 
@@ -24,10 +27,10 @@ TEST(RSAPrivateKeyUnitTest, InitRandomTest) {
   ASSERT_TRUE(keypair1->ExportPublicKey(&pubkey1));
   ASSERT_TRUE(keypair2->ExportPublicKey(&pubkey2));
 
-  scoped_ptr<base::RSAPrivateKey> keypair3(
+  scoped_ptr<crypto::RSAPrivateKey> keypair3(
-      base::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey1));
+      crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey1));
-  scoped_ptr<base::RSAPrivateKey> keypair4(
+  scoped_ptr<crypto::RSAPrivateKey> keypair4(
-      base::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey2));
+      crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey2));
   ASSERT_TRUE(keypair3.get());
   ASSERT_TRUE(keypair4.get());
 
@@ -159,8 +162,8 @@ TEST(RSAPrivateKeyUnitTest, PublicKeyTest) {
   input.resize(sizeof(private_key_info));
   memcpy(&input.front(), private_key_info, sizeof(private_key_info));
 
-  scoped_ptr<base::RSAPrivateKey> key(
+  scoped_ptr<crypto::RSAPrivateKey> key(
-      base::RSAPrivateKey::CreateFromPrivateKeyInfo(input));
+      crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input));
   ASSERT_TRUE(key.get());
 
   std::vector<uint8> output;
@@ -362,10 +365,10 @@ TEST(RSAPrivateKeyUnitTest, ShortIntegers) {
   memcpy(&input2.front(), short_integer_without_high_bit,
          sizeof(short_integer_without_high_bit));
 
-  scoped_ptr<base::RSAPrivateKey> keypair1(
+  scoped_ptr<crypto::RSAPrivateKey> keypair1(
-      base::RSAPrivateKey::CreateFromPrivateKeyInfo(input1));
+      crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input1));
-  scoped_ptr<base::RSAPrivateKey> keypair2(
+  scoped_ptr<crypto::RSAPrivateKey> keypair2(
-      base::RSAPrivateKey::CreateFromPrivateKeyInfo(input2));
+      crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input2));
   ASSERT_TRUE(keypair1.get());
   ASSERT_TRUE(keypair2.get());
 

crypto/rsa_private_key_win.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/rsa_private_key.h"
+#include "crypto/rsa_private_key.h"
 
 #include <list>
 
@@ -19,7 +19,7 @@ namespace {
   }
 }  // namespace
 
-namespace base {
+namespace crypto {
 
 // static
 RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) {
@@ -226,4 +226,4 @@ bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) {
   return true;
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/run_all_unittests.cc

@@ -0,0 +1,17 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/test/test_suite.h"
+#include "crypto/nss_util.h"
+
+int main(int argc, char** argv) {
+#if defined(USE_NSS)
+  // This is most likely not needed, but it basically replaces a similar call
+  // that was performed on test_support_base.
+  TODO(rvargas) Bug 79359: remove this.
+  crypto::EnsureNSSInit();
+#endif  // defined(USE_NSS)
+
+  return base::TestSuite(argc, argv).Run();
+}

crypto/scoped_capi_types.h

@@ -1,9 +1,9 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_CRYPTO_SCOPED_CAPI_TYPES_H_
+#ifndef CRYPTO_SCOPED_CAPI_TYPES_H_
-#define BASE_CRYPTO_SCOPED_CAPI_TYPES_H_
+#define CRYPTO_SCOPED_CAPI_TYPES_H_
 #pragma once
 
 #include <windows.h>
@@ -13,7 +13,7 @@
 
 #include "base/logging.h"
 
-namespace base {
+namespace crypto {
 
 // Simple destructor for the Free family of CryptoAPI functions, such as
 // CryptDestroyHash, which take only a single argument to release.
@@ -120,6 +120,6 @@ typedef ScopedCAPIHandle<
 typedef ScopedCAPIHandle<
     HCRYPTHASH, CAPIDestroyer<HCRYPTHASH, CryptDestroyHash> > ScopedHCRYPTHASH;
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_CRYPTO_SCOPED_CAPI_TYPES_H_
+#endif  // CRYPTO_SCOPED_CAPI_TYPES_H_

crypto/scoped_nss_types.h

@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_SCOPED_NSS_TYPES_H_
+#ifndef CRYPTO_SCOPED_NSS_TYPES_H_
-#define BASE_SCOPED_NSS_TYPES_H_
+#define CRYPTO_SCOPED_NSS_TYPES_H_
 #pragma once
 
 #include <nss.h>
@@ -11,7 +11,7 @@
 
 #include "base/memory/scoped_ptr.h"
 
-namespace base {
+namespace crypto {
 
 template <typename Type, void (*Destroyer)(Type*)>
 struct NSSDestroyer {
@@ -47,6 +47,6 @@ typedef scoped_ptr_malloc<
                            SECITEM_FreeItem,
                            PR_TRUE> > ScopedSECItem;
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_SCOPED_NSS_TYPES_H_
+#endif  // CRYPTO_SCOPED_NSS_TYPES_H_

crypto/secure_hash.h

@@ -2,18 +2,17 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef BASE_CRYPTO_SECURE_HASH_H_
+#ifndef CRYPTO_SECURE_HASH_H_
-#define BASE_CRYPTO_SECURE_HASH_H_
+#define CRYPTO_SECURE_HASH_H_
 #pragma once
 
-#include "base/base_api.h"
 #include "base/basictypes.h"
 
-namespace base {
+namespace crypto {
 
 // A wrapper to calculate secure hashes incrementally, allowing to
 // be used when the full input is not known in advance.
-class BASE_API SecureHash {
+class SecureHash {
  public:
   enum Algorithm {
     SHA256,
@@ -32,6 +31,6 @@ class BASE_API SecureHash {
   DISALLOW_COPY_AND_ASSIGN(SecureHash);
 };
 
-}  // namespace base
+}  // namespace crypto
 
-#endif  // BASE_CRYPTO_SECURE_HASH_H_
+#endif  // CRYPTO_SECURE_HASH_H_

crypto/secure_hash_default.cc

@@ -2,13 +2,13 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/secure_hash.h"
+#include "crypto/secure_hash.h"
 
 #include "base/logging.h"
-#include "base/third_party/nss/blapi.h"
+#include "crypto/third_party/nss/blapi.h"
-#include "base/third_party/nss/sha256.h"
+#include "crypto/third_party/nss/sha256.h"
 
-namespace base {
+namespace crypto {
 
 namespace {
 
@@ -46,4 +46,4 @@ SecureHash* SecureHash::Create(Algorithm algorithm) {
   }
 }
 
-}  // namespace base
+}  // namespace crypto

crypto/secure_hash_openssl.cc

@@ -2,15 +2,15 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "base/crypto/secure_hash.h"
+#include "crypto/secure_hash.h"
 
 #include <openssl/ssl.h>
 
 #include "base/basictypes.h"
 #include "base/logging.h"
-#include "base/openssl_util.h"
+#include "crypto/openssl_util.h"
 
-namespace base {
+namespace crypto {
 
 namespace {
 
@@ -50,4 +50,4 @@ SecureHash* SecureHash::Create(Algorithm algorithm) {
   }
 }
 
-}  // namespace base
+}  // namespace crypto